:Hello,
:
:So, I've a box that I have an ipfw ruleset on. The firewall should not be
:changeable during runtime, and the box runs at securelevel=3.
:
:In order to prevent DoS disk-fill attacks, I also have specified
:IPFW_VERBOSE_LIMIT.
:
:Now, the problem is, in securelevel 3, you cannot zero a rule's counter,
:so basically once you are up and running, you get to log IPFW_VERBOSE_LIMIT
:events and then you lose logging (ideally I'd zero nonzero rules once every
:N minutes).
:
:Comments?
:
:... Joe
:
:-------------------------------------------------------------------------------
:Joe Greco - Systems Administrator [EMAIL PROTECTED]
Playing devil's advocate, someone might be using those counters for
accounting purposes. That's about as bad a scenario as I can think
of, and I can't imagine this sort of situation would be prevalent.
I'd say that the counters should be clearable at high secure level.
-Matt
Matthew Dillon
<[EMAIL PROTECTED]>