From owner-freebsd-security Mon Apr 15 7:48:56 2002 Delivered-To: freebsd-security@freebsd.org Received: from axl.seasidesoftware.co.za (axl.seasidesoftware.co.za [196.31.7.201]) by hub.freebsd.org (Postfix) with ESMTP id DCEC037B405 for ; Mon, 15 Apr 2002 07:48:51 -0700 (PDT) Received: from sheldonh (helo=axl.seasidesoftware.co.za) by axl.seasidesoftware.co.za with local-esmtp (Exim 3.33 #1) id 16x7pf-0003ap-00; Mon, 15 Apr 2002 16:51:51 +0200 From: Sheldon Hearn To: Andrew Johns Cc: Christoph Kukulies , freebsd-security@FreeBSD.ORG Subject: Re: Limiting closed port RST response from 381 to 200 p In-reply-to: Your message of "Tue, 16 Apr 2002 00:20:01 +1000." <3CBAE191.9010200@kpi.com.au> Date: Mon, 15 Apr 2002 16:51:51 +0200 Message-ID: <13814.1018882311@axl.seasidesoftware.co.za> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, 16 Apr 2002 00:20:01 +1000, Andrew Johns wrote: > Actually Sheldon I think that's a great idea - helps with > syslog DoS somewhat as well. Anybody else care to contemplate > making it either a default or sysctl (ICMP_BANDLIMIT_DOSLIMIT?) In CURRENT, logging is conditional on a sysctl value; the message format is unchanged from that of STABLE, but logging can be turned off completely if desired. This seems to keep most people happy. I don't think my preference (always seeing the messages, but having syslog coalesce them) is representative of the majority of folks to whom this matters. Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message