Date: Thu, 07 Oct 1999 16:42:44 -0400 From: Allen Cleveland <allenc@mindsieve.com> To: freebsd-questions@FreeBSD.ORG Subject: Getting more info from icmp-response bandwidth limit Message-ID: <3.0.5.32.19991007164244.00814680@mindsieve.com>
next in thread | raw e-mail | index | archive | help
Hello, I included the bandwidth limit in the kernel ( 3-3-RC atm ) and, as predicted, it's doing it's job. What I'm interested in is getting the IP address into the message that these packets are claiming to come from. I understand that the IP information may not be correct, due to spoofing, but I'd like this information in the message anyway. I'd also like to have the time in the security check output so I can provide the required information to the correct parties. This is the familar message: Oct 7 02:47:58 roswell /kernel: icmp-response bandwidth limit 115/100 pps and it looks like this in the security check output: roswell kernel log messages: >icmp-response bandwidth limit 115/100 pps And I'd like it to look something like: Oct 7 02:47:58 roswell /kernel: icmp-response bandwidth limit 115/100 pps from xxx.xxx.xxx.xxx And: roswell kernel log messages: >Oct 7 02:47:58 icmp-response bandwidth limit 115/100 pps from xxx.xxx.xxx.xxx I searched the mailing list and only found a reference to running 'tcpdump icmp' which I'd have to do during the limiting :/ Any ideas? -- Allen Cleveland allenc@mindsieve.com There is no try. Do, or do not do, but no try. -Yoda To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.5.32.19991007164244.00814680>