| field | value |
|---|---|
| author | glebius <glebius@FreeBSD.org>, 2005-08-20 09:41:49 +0000 |
| committer | glebius <glebius@FreeBSD.org>, 2005-08-20 09:41:49 +0000 |
| commit | 34a844087db5a7fc8ecccf86f2723d7033bcc565 (patch) |
| tree | e45eea63b88cd33b17cdb9a1e29be78892a1d527 /etc/periodic |
| parent | 29a0252061def76bbb236ae7d0c5ab4d8621993c (diff) |
| download | FreeBSD-src-34a844087db5a7fc8ecccf86f2723d7033bcc565.zip, FreeBSD-src-34a844087db5a7fc8ecccf86f2723d7033bcc565.tar.gz |
- Correctly parse output, when logging amount is limited in the
rule itself, not in verbose_limit sysctl. [1]
- Do check rules, even if verbose_limit is set 0. Rules may have
their own log limits.
PR: conf/77929
Submitted by: Andriy Gapon [1]
Reviewed by: matteo
Diffstat (limited to 'etc/periodic')
| mode | file | lines |
|---|---|---|
| -rwxr-xr-x | etc/periodic/security/550.ipfwlimit | 22 |
1 files changed, 15 insertions, 7 deletions
diff --git a/etc/periodic/security/550.ipfwlimit b/etc/periodic/security/550.ipfwlimit index 912d009..cba39f6 100755 --- a/etc/periodic/security/550.ipfwlimit +++ b/etc/periodic/security/550.ipfwlimit @@ -44,17 +44,25 @@ case "$daily_status_security_ipfwlimit_enable" in [Yy][Ee][Ss]) TMP=`mktemp -t security` IPFW_LOG_LIMIT=`sysctl -n net.inet.ip.fw.verbose_limit 2> /dev/null` - if [ $? -eq 0 ] && [ "${IPFW_LOG_LIMIT}" -ne 0 ]; then - ipfw -a list | grep " log " | \ - grep '^[[:digit:]]\+[[:space:]]\+[[:digit:]]\+' | \ - awk -v limit="$IPFW_LOG_LIMIT" \ - '{if ($2 > limit) {print $0}}' > ${TMP} - if [ -s "${TMP}" ]; then + if [ $? -eq 0 ]; then + IPFW_LOG_LIMIT=0 + fi + ipfw -a list | grep " log " | \ + grep '^[[:digit:]]\+[[:space:]]\+[[:digit:]]\+' | \ + awk -v limit="$IPFW_LOG_LIMIT" \ + '{if ($6 == "logamount") { + if ($2 > $7) + {print $0} + } else { + if ($2 > limit) + {print $0}} + }' > ${TMP} + + if [ -s "${TMP}" ]; then rc=1 echo "" echo 'ipfw log limit reached:' cat ${TMP} - fi fi rm -f ${TMP};; *) rc=0;; |
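Review bot: the sysctl fallback at the top of the hunk looks inverted: `if [ $? -eq 0 ]; then` followed by `IPFW_LOG_LIMIT=0` overwrites the value just read from net.inet.ip.fw.verbose_limit exactly when sysctl succeeded, so for every rule without a `logamount` field the awk test `$2 > limit` compares against 0 and flags any rule that has logged a single packet, which is not what "Do check rules, even if verbose_limit is set 0" describes. If the intent is to fall back to 0 only when the sysctl is unavailable, the condition should be `if [ $? -ne 0 ]; then`. A smaller point: `$6 == "logamount"` and `$2 > $7` hard-code field positions, which only hold when the action between the counters and `log` is a single word; locating the `logamount` token by value rather than by index would make the parse less fragile, though that goes beyond what the message claims to fix.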