From owner-freebsd-hackers Wed Jul 28 12:35: 1 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from janus.syracuse.net (janus.syracuse.net [205.232.47.15]) by hub.freebsd.org (Postfix) with ESMTP id 8E1181556B; Wed, 28 Jul 1999 12:34:52 -0700 (PDT) (envelope-from green@FreeBSD.org) Received: from localhost (green@localhost) by janus.syracuse.net (8.9.2/8.8.7) with ESMTP id PAA92882; Wed, 28 Jul 1999 15:33:35 -0400 (EDT) X-Authentication-Warning: janus.syracuse.net: green owned process doing -bs Date: Wed, 28 Jul 1999 15:33:34 -0400 (EDT) From: "Brian F. Feldman" X-Sender: green@janus.syracuse.net To: Nate Williams Cc: Joe Greco , hackers@FreeBSD.org, freebsd-ipfw@FreeBSD.org Subject: Re: securelevel and ipfw zero In-Reply-To: <199907281539.JAA01265@mt.sri.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, 28 Jul 1999, Nate Williams wrote: > > > Implementing it is the easy part, making sure it's the right thing to do > > > is the hard part. > > > > Well, the easy part is done, except for raising limits. Look: > > ipfw: 1 Deny ICMP:8.0 127.0.0.1 127.0.0.1 out via lo0 > > ipfw: 1 Deny ICMP:8.0 127.0.0.1 127.0.0.1 out via lo0 > > ipfw: limit 2 reached on rule #1 > > ipfw: Entry 1 logging count reset. > > ipfw: 1 Deny ICMP:8.0 127.0.0.1 127.0.0.1 out via lo0 > > ipfw: 1 Deny ICMP:8.0 127.0.0.1 127.0.0.1 out via lo0 > > ipfw: limit 2 reached on rule #1 > > > > Nice? :) > > Depends on how it effects the speed of the system and if it makes the > code too complex. :) None and no. > > > Nate > Brian Fundakowski Feldman _ __ ___ ____ ___ ___ ___ green@FreeBSD.org _ __ ___ | _ ) __| \ FreeBSD: The Power to Serve! _ __ | _ \._ \ |) | http://www.FreeBSD.org/ _ |___/___/___/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message