From owner-freebsd-security Mon Apr 15 8:35:45 2002 Delivered-To: freebsd-security@freebsd.org Received: from axl.seasidesoftware.co.za (axl.seasidesoftware.co.za [196.31.7.201]) by hub.freebsd.org (Postfix) with ESMTP id 630DE37B419 for ; Mon, 15 Apr 2002 08:35:39 -0700 (PDT) Received: from sheldonh (helo=axl.seasidesoftware.co.za) by axl.seasidesoftware.co.za with local-esmtp (Exim 3.33 #1) id 16x8Z5-0003lv-00; Mon, 15 Apr 2002 17:38:47 +0200 From: Sheldon Hearn To: The Anarcat Cc: Andrew Johns , Christoph Kukulies , freebsd-security@FreeBSD.ORG Subject: Re: General Rate-limiting in syslog(3) (was: Limiting closed port RST response from 381 to 200 p) In-reply-to: Your message of "Mon, 15 Apr 2002 11:24:35 -0400." <20020415152435.GB302@lenny.anarcat.dyndns.org> Date: Mon, 15 Apr 2002 17:38:47 +0200 Message-ID: <14502.1018885127@axl.seasidesoftware.co.za> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, 15 Apr 2002 11:24:35 -0400, The Anarcat wrote: > I think it therefore belongs to ipfw to do this kind of rate-limiting, > and on a per-rule base, it would be fantastic. > > I guess I'll need to take another look at ipfw's source, again. :) Well, the messages that this thread revolve around are generated by the kernel's ICMP code, not by IPFW. But if you were to take an interest in improving ipfw's logging, you might want to look at how IPFilter handles logging. In my opinion, IPFilter's logging system is a great step forward from IPFW's. Each message I post on this thread feels more and more off-topic. I think this'll be my last. :-) Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message