Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 04 Jul 2004 08:04:53 -0400
From:      Dan Pelleg <daniel+bsd@pelleg.org>
To:        Barbish3@adelphia.net
Cc:        freebsd-ipfw@freebsd.org
Subject:   Re: IPFIREWALL_VERBOSE_LIMIT ignored by recent kernel/world?
Message-ID:  <u2sisd4f062.fsf@pelleg.org>
In-Reply-To: <MIEPLLIBMLEEABPDBIEGCECHGFAA.Barbish3@adelphia.net> (JJB's message of "Sun, 4 Jul 2004 07:50:25 -0400")
References:  <MIEPLLIBMLEEABPDBIEGCECHGFAA.Barbish3@adelphia.net>
next in thread | previous in thread | raw e-mail | index | archive | help 

I have a patch for that in kern/46080. Note I haven't tested it in a while

http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/46080

-- 

  Dan Pelleg

"JJB" <Barbish3@adelphia.net> writes:

> Verbose limit is a sysctl knob now, you can display it to see
> current setting or change it without a reboot. Check your
> newsyslog.conf file to very the rotate trigger is the same as you
> were using before.
>
> -----Original Message-----
> From: owner-freebsd-questions@freebsd.org
> [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Rob
> Sent: Sunday, July 04, 2004 12:37 AM
> To: freebsd-stable@freebsd.org; freebsd-questions@freebsd.org
> Subject: IPFIREWALL_VERBOSE_LIMIT ignored by recent kernel/world?
>
>
> Hello,
>
> I have one PC with updated kernel/world from June 25th, and another
> from June 10th,
> all with sources for STABLE.
>
> Both PCs have a firewall. Neither of the two seems to obey the
> verbose limit of 100,
> that I put in the kernel configuration file.
>
> In the past, /var/log/secure used to rotate once a week or so, but
> now it does in
> less than 30 minutes due to the overwhelming amount of firewall
> logs.
>
> The kernel configuration has following lines, related to the
> firewall:
>
>    options IPDIVERT
>    options IPFW2           # version 2 IPFW
>    options IPFIREWALL      # firewall
>    options IPFIREWALL_VERBOSE              # enable logging to
> syslogd(8)
>    options IPFIREWALL_VERBOSE_LIMIT=100    # limit verbosity
>    options IPFIREWALL_DEFAULT_TO_ACCEPT    # allow everything by
> default
>
> and I have in /etc/make.conf:
>
>    IPFW2=TRUE
>
>
> Any idea what is going wrong here?
>
> Thanks,
> Rob.
>
>

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?u2sisd4f062.fsf>