Hello,

So, I've a box that I have an ipfw ruleset on.  The firewall should not be
changeable during runtime, and the box runs at securelevel=3.

In order to prevent DoS disk-fill attacks, I also have specified
IPFW_VERBOSE_LIMIT.

Now, the problem is, in securelevel 3, you cannot zero a rule's counter,
so basically once you are up and running, you get to log IPFW_VERBOSE_LIMIT
events and then you lose logging (ideally I'd zero nonzero rules once every
N minutes).

Comments?

... Joe

-------------------------------------------------------------------------------
Joe Greco - Systems Administrator                             [EMAIL PROTECTED]
Solaria Public Access UNIX - Milwaukee, WI                         414/342-4847


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
