> I like the ability at secure level 3 to only reset the counters forward.. > It fits in with such things as the "append only" flag.
Then we'd have to implement per-rule counters that default to IPFW_VERBOSE_LIMIT but that could be changed to anything. That's a very different setup than what we currently have. (Another thing I just thought of is that this could cause DoS attacks on the system if a user compromised root and then set the limit to a very high number.) Nate To Unsubscribe: send mail to majord...@freebsd.org with "unsubscribe freebsd-hackers" in the body of the message
