From owner-freebsd-questions Fri Sep 29 7: 6:56 2000 Delivered-To: freebsd-questions@freebsd.org Received: from smtp.intop.net (smtp.intop.net [206.156.254.80]) by hub.freebsd.org (Postfix) with ESMTP id C148B37B422 for ; Fri, 29 Sep 2000 07:06:52 -0700 (PDT) Received: from charlie (iwkcpe.intop.net [208.149.79.30]) by smtp.intop.net (8.9.3/8.9.3) with ESMTP id JAA01704; Fri, 29 Sep 2000 09:08:13 -0500 Message-Id: <200009291408.JAA01704@smtp.intop.net> From: "Charlie Schloemer" To: freebsd-questions@FreeBSD.ORG, Trevor Nichols Date: Fri, 29 Sep 2000 09:08:30 -0500 MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Subject: Was (none), Now: Re: ipfw accounting script In-reply-to: X-mailer: Pegasus Mail for Win32 (v3.12a) Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Hi, > > I've written an accounting script, and what it does is create various ipfw > rules, gets the bytes in the rule, zero's it after adding the sum to a > file. > > The only problem is this: > > Sep 29 19:06:02 ocdi /kernel: ipfw: Entry 40010 cleared. > Sep 29 19:06:02 ocdi /kernel: ipfw: Entry 40011 cleared. > > Every time I run the update script, it has that. Is there any way to stop > the kernel from logging these? I'd still like to be able to log other > ipfw commands, explicitly with the -l but this is just ipfw 40010 zero, no > -l at all. > > Any ideas? Erm... if security is important enough to you that you've setup some intricate rules, it makes sense you'd also want to know if someone's zeroing your counters for you. This is a feature that could be a security weakness if you disabled it. Why does it cause problems on your system to log this information? -Charlie To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message