Date: Wed, 28 Jul 1999 13:37:17 -0600 From: Nate Williams <nate@mt.sri.com> To: "Brian F. Feldman" <green@FreeBSD.org> Cc: Nate Williams <nate@mt.sri.com>, Joe Greco <jgreco@ns.sol.net>, hackers@FreeBSD.org, freebsd-ipfw@FreeBSD.org Subject: Re: securelevel and ipfw zero Message-ID: <199907281937.NAA02547@mt.sri.com> In-Reply-To: <Pine.BSF.4.10.9907281533260.92555-100000@janus.syracuse.net> References: <199907281539.JAA01265@mt.sri.com> <Pine.BSF.4.10.9907281533260.92555-100000@janus.syracuse.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> > > > Implementing it is the easy part, making sure it's the right thing to do > > > > is the hard part. > > > > > > Well, the easy part is done, except for raising limits. Look: > > > ipfw: 1 Deny ICMP:8.0 127.0.0.1 127.0.0.1 out via lo0 > > > ipfw: 1 Deny ICMP:8.0 127.0.0.1 127.0.0.1 out via lo0 > > > ipfw: limit 2 reached on rule #1 > > > ipfw: Entry 1 logging count reset. > > > ipfw: 1 Deny ICMP:8.0 127.0.0.1 127.0.0.1 out via lo0 > > > ipfw: 1 Deny ICMP:8.0 127.0.0.1 127.0.0.1 out via lo0 > > > ipfw: limit 2 reached on rule #1 > > > > > > Nice? :) > > > > Depends on how it effects the speed of the system and if it makes the > > code too complex. :) > > None and no. Beauty is in the eye of the beholder. Let's suspend judgement on it until we actually get a chance to review it, pride in your work not withstanding. :) :) Nate To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199907281937.NAA02547>