Author: lidl Date: Tue Feb 9 21:00:38 2016 New Revision: 295452 URL: https://svnweb.freebsd.org/changeset/base/295452
Log: Zero pf rule counters so daily reports make sense Zero pf rule counters so that each daily report lists an absolute number of rejected packets, not the total since the last time the machine rebooted (or the counters were manually cleared). PR: 206467 Submitted by: Rick Adams Approved by: rpaulo (mentor) Differential Revision: https://reviews.freebsd.org/D5172 Modified: head/etc/periodic/security/520.pfdenied Modified: head/etc/periodic/security/520.pfdenied ============================================================================== --- head/etc/periodic/security/520.pfdenied Tue Feb 9 20:22:35 2016 (r295451) +++ head/etc/periodic/security/520.pfdenied Tue Feb 9 21:00:38 2016 (r295452) @@ -44,7 +44,7 @@ rc=0 if check_yesno_period security_status_pfdenied_enable then TMP=`mktemp -t security` - if pfctl -sr -v 2>/dev/null | nawk '{if (/^block/) {buf=$0; getline; gsub(" +"," ",$0); if ($5 > 0) print buf$0;} }' > ${TMP}; then + if pfctl -sr -v -z 2>/dev/null | nawk '{if (/^block/) {buf=$0; getline; gsub(" +"," ",$0); if ($5 > 0) print buf$0;} }' > ${TMP}; then check_diff new_only pf ${TMP} "${host} pf denied packets:" fi rc=$? _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
