From owner-freebsd-security Sun Sep 12 10:19:14 1999
Delivered-To: freebsd-security@freebsd.org
Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31])
	by hub.freebsd.org (Postfix) with ESMTP id 3073914CCC
	for ; Sun, 12 Sep 1999 10:17:55 -0700 (PDT)
	(envelope-from des@flood.ping.uio.no)
Received: (from des@localhost)
	by flood.ping.uio.no (8.9.3/8.9.3) id TAA14850;
	Sun, 12 Sep 1999 19:16:40 +0200 (CEST)
	(envelope-from des)
To: Will Andrews
Cc: (Anil Jangity) , freebsd-security@FreeBSD.ORG
Subject: Re: ipfw question
References:
From: Dag-Erling Smorgrav
Date: 12 Sep 1999 19:16:39 +0200
In-Reply-To: Will Andrews's message of "Sun, 12 Sep 1999 10:10:25 -0400 (EDT)"
Message-ID:
Lines: 17
X-Mailer: Gnus v5.5/Emacs 19.34
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Will Andrews writes:
> [...] The drawback to these features is that the limit doesn't
> behave the way I think it should (although as a result, I don't use
> VERBOSITY_LIMIT) - instead of just counting repeating packets, it kills the
> rule the packets are matched against after the rule reaches the limit specified.

It would be more accurate (and less misleading) to say "silence"
instead of "kill". It does not remove nor disable the rule, it just
stops logging packets that match that particular rule until you reset
the counters.

In 4.0, you can reset the log counters independently of the match
counters ('ipfw resetlog' instead of 'ipfw zero'), which allows you to
restart logging even when running at high securelevels (all ipfw
commands except resetlog are disabled at securelevel >= 3).

DES
-- 
Dag-Erling Smorgrav - des@flood.ping.uio.no

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message