Date:      Mon, 14 Mar 2005 09:50:05 GMT
From:      Andriy Gapon <avg@icyb.net.ua>
To:        freebsd-bugs@FreeBSD.org
Subject:   Re: conf/77929: periodic/security/550.ipfwlimit ignores logamount
Message-ID:  <200503140950.j2E9o5Gp081754@freefall.freebsd.org>

The following reply was made to PR conf/77929; it has been noted by GNATS.

From: Andriy Gapon <avg@icyb.net.ua>
To: freebsd-gnats-submit@FreeBSD.org, pbl@tsua.net
Cc:  
Subject: Re: conf/77929: periodic/security/550.ipfwlimit ignores logamount
Date: Mon, 14 Mar 2005 11:41:39 +0200

 This is a multi-part message in MIME format.
 --------------020905030404010501000907
 Content-Type: text/plain; charset=KOI8-U
 Content-Transfer-Encoding: 7bit
 
 
 Attached is the patch based on the idea in
 http://lists.freebsd.org/pipermail/freebsd-security/2005-February/002703.html
 but unlike the patch there, this patch is known to work (at least on
 FreeBSD 5.2.1).
 
 -- 
 Andriy Gapon
 
 --------------020905030404010501000907
 Content-Type: text/plain;
  name="periodic-ipfw.patch"
 Content-Transfer-Encoding: 7bit
 Content-Disposition: inline;
  filename="periodic-ipfw.patch"
 
 --- 550.ipfwlimit	Wed Feb 23 18:54:35 2005
 +++ 550.ipfwlimit	Wed Feb 23 19:19:19 2005
 @@ -45,10 +45,10 @@
  	TMP=`mktemp -t security`
  	IPFW_LOG_LIMIT=`sysctl -n net.inet.ip.fw.verbose_limit 2> /dev/null`
  	if [ $? -eq 0 ] && [ "${IPFW_LOG_LIMIT}" -ne 0 ]; then
  	    ipfw -a l | grep " log " | \
  	    grep '^[[:digit:]]\+[[:space:]]\+[[:digit:]]\+' | \
  	    awk -v limit="$IPFW_LOG_LIMIT" \
 -		'{if ($2 > limit) {print $0}}' > ${TMP}
 +		'{if ($6 == "logamount") {if ($2 > $7) {print $0}} else {if ($2 > limit) {print $0}}}' > ${TMP}
  	    if [ -s "${TMP}" ]; then
  		rc=1
  		echo ""
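
Review bot: In the added awk line, the test `$6 == "logamount"` is positional, so it only matches when the rule prints exactly three fields (rule number, packet count, byte count) plus a one-word action before `log`. A rule that prints anything extra ahead of `log`, such as an action that takes an argument, moves `logamount` to a later field and is silently compared against the global `limit` again, which is the behaviour this PR is trying to remove. Scanning for the keyword is more robust, for example `for (i = 4; i < NF; i++) if ($i == "logamount") lim = $(i+1)` followed by a single `$2 > lim` comparison with `lim` defaulting to `limit`. Separately, the surrounding `[ "${IPFW_LOG_LIMIT}" -ne 0 ]` guard treats a global limit of 0 as nothing to report, but the new branch has no matching guard, so a rule carrying `logamount 0` would be listed as soon as `$2` is above zero. Assuming a per-rule 0 means the same as the sysctl's 0, adding a `$7 > 0` condition would keep the two cases consistent. The nested one-line if/else is also hard to read; splitting the awk program over several lines with a short comment on the field layout it expects would help the next person who touches it.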
 
 --------------020905030404010501000907--


