From owner-svn-src-all@freebsd.org Tue Feb 9 21:00:40 2016 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 59A5CAA2817; Tue, 9 Feb 2016 21:00:40 +0000 (UTC) (envelope-from lidl@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 284F41A38; Tue, 9 Feb 2016 21:00:40 +0000 (UTC) (envelope-from lidl@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u19L0dsT061115; Tue, 9 Feb 2016 21:00:39 GMT (envelope-from lidl@FreeBSD.org) Received: (from lidl@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u19L0dBK061114; Tue, 9 Feb 2016 21:00:39 GMT (envelope-from lidl@FreeBSD.org) Message-Id: <201602092100.u19L0dBK061114@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: lidl set sender to lidl@FreeBSD.org using -f From: Kurt Lidl Date: Tue, 9 Feb 2016 21:00:39 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r295452 - head/etc/periodic/security X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Feb 2016 21:00:40 -0000 Author: lidl Date: Tue Feb 9 21:00:38 2016 New Revision: 295452 URL: https://svnweb.freebsd.org/changeset/base/295452 Log: Zero pf rule counters so daily reports make sense Zero pf rule counters so that each daily report lists an absolute number of rejected packets, not the total since the last time the machine rebooted (or the counters were manually cleared). PR: 206467 Submitted by: Rick Adams Approved by: rpaulo (mentor) Differential Revision: https://reviews.freebsd.org/D5172 Modified: head/etc/periodic/security/520.pfdenied Modified: head/etc/periodic/security/520.pfdenied ============================================================================== --- head/etc/periodic/security/520.pfdenied Tue Feb 9 20:22:35 2016 (r295451) +++ head/etc/periodic/security/520.pfdenied Tue Feb 9 21:00:38 2016 (r295452) @@ -44,7 +44,7 @@ rc=0 if check_yesno_period security_status_pfdenied_enable then TMP=`mktemp -t security` - if pfctl -sr -v 2>/dev/null | nawk '{if (/^block/) {buf=$0; getline; gsub(" +"," ",$0); if ($5 > 0) print buf$0;} }' > ${TMP}; then + if pfctl -sr -v -z 2>/dev/null | nawk '{if (/^block/) {buf=$0; getline; gsub(" +"," ",$0); if ($5 > 0) print buf$0;} }' > ${TMP}; then check_diff new_only pf ${TMP} "${host} pf denied packets:" fi rc=$?