Hello, So, I've a box that I have an ipfw ruleset on. The firewall should not be changeable during runtime, and the box runs at securelevel=3.
In order to prevent DoS disk-fill attacks, I also have specified IPFW_VERBOSE_LIMIT. Now, the problem is, in securelevel 3, you cannot zero a rule's counter, so basically once you are up and running, you get to log IPFW_VERBOSE_LIMIT events and then you lose logging (ideally I'd zero nonzero rules once every N minutes). Comments? ... Joe ------------------------------------------------------------------------------- Joe Greco - Systems Administrator jgr...@ns.sol.net Solaria Public Access UNIX - Milwaukee, WI 414/342-4847 To Unsubscribe: send mail to majord...@freebsd.org with "unsubscribe freebsd-hackers" in the body of the message
