diff options
author | green <green@FreeBSD.org> | 2000-04-30 06:44:11 +0000 |
---|---|---|
committer | green <green@FreeBSD.org> | 2000-04-30 06:44:11 +0000 |
commit | 345524b782e3248cb76ef73570310f0fd15cd421 (patch) | |
tree | f0d57db85c1ddf3055a567b4ec482ac800848909 /sbin/ipfw | |
parent | f92678d782a1d44f8a20d0c7fffead80514f2d40 (diff) | |
download | FreeBSD-src-345524b782e3248cb76ef73570310f0fd15cd421.zip FreeBSD-src-345524b782e3248cb76ef73570310f0fd15cd421.tar.gz |
Allow overriding of net.inet.ip.fw.verbose_limit; if you want to make a
rule that logs without a log limit, use "logamount 0" in addition to "log".
Diffstat (limited to 'sbin/ipfw')
-rw-r--r-- | sbin/ipfw/ipfw.8 | 12 | ||||
-rw-r--r-- | sbin/ipfw/ipfw.c | 10 |
2 files changed, 15 insertions, 7 deletions
diff --git a/sbin/ipfw/ipfw.8 b/sbin/ipfw/ipfw.8 index 6396a23..e6f6dda 100644 --- a/sbin/ipfw/ipfw.8 +++ b/sbin/ipfw/ipfw.8 @@ -422,13 +422,19 @@ If the kernel was compiled with the .Dv IPFIREWALL_VERBOSE_LIMIT option, then by default logging will cease after the number of packets specified by the option are received for that -particular chain entry. +particular chain entry, and +.Em net.inet.ip.fw.verbose_limit +will be set to that number. However, if .Cm logamount Ar number is used, that .Ar number -will be the default logging limit rather than -.Dv IPFIREWALL_VERBOSE_LIMIT . +will be the logging limit rather than +.Em net.inet.ip.fw.verbose_limit , +where the value +.Dq 0 +removes the logging limit. +.Dv Logging may then be re-enabled by clearing the logging counter or the packet counter for that entry. .Pp diff --git a/sbin/ipfw/ipfw.c b/sbin/ipfw/ipfw.c index 0bf97fd..d01b6e9 100644 --- a/sbin/ipfw/ipfw.c +++ b/sbin/ipfw/ipfw.c @@ -1412,9 +1412,10 @@ add(ac,av) if (!ac) show_usage("``logamount'' requires argument"); rule.fw_logamount = atoi(*av); - if (rule.fw_logamount <= 0) - show_usage("``logamount'' argument must be greater " - "than 0"); + if (rule.fw_logamount < 0) + show_usage("``logamount'' argument must be positive"); + if (rule.fw_logamount == 0) + rule.fw_logamount = -1; ac--; av++; } @@ -1685,7 +1686,8 @@ badviacombo: &rule.fw_logamount, &len, NULL, 0) == -1) errx(1, "sysctlbyname(\"%s\")", "net.inet.ip.fw.verbose_limit"); - } + } else if (rule.fw_logamount == -1) + rule.fw_logamount = 0; rule.fw_loghighest = rule.fw_logamount; } done: |