From d848a791d143dcd43bbfd4243df4fe61c62fac41 Mon Sep 17 00:00:00 2001 From: green Date: Sun, 1 Aug 1999 16:57:24 +0000 Subject: Make ipfw's logging more dynamic. Now, log will use the default limit _or_ you may specify "log logamount number" to set logging specifically the rule. In addition, "ipfw resetlog" has been added, which will reset the logging counters on any/all rule(s). ipfw resetlog does not affect the packet/byte counters (as ipfw reset does), and is the only "set" command that can be run at securelevel >= 3. This should address complaints about not being able to set logging amounts, not being able to restart logging at a high securelevel, and not being able to just reset logging without resetting all of the counters in a rule. --- sys/netinet/ip_fw.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'sys/netinet/ip_fw.h') diff --git a/sys/netinet/ip_fw.h b/sys/netinet/ip_fw.h index d858040..958eb67 100644 --- a/sys/netinet/ip_fw.h +++ b/sys/netinet/ip_fw.h @@ -11,7 +11,7 @@ * * This software is provided ``AS IS'' without any warranties of any kind. * - * $Id: ip_fw.h,v 1.38 1999/06/19 18:43:30 green Exp $ + * $Id: ip_fw.h,v 1.39 1999/07/28 22:22:57 green Exp $ */ #ifndef _IP_FW_H @@ -85,6 +85,8 @@ struct ip_fw { void *next_rule_ptr ; /* next rule in case of match */ uid_t fw_uid; /* uid to match */ gid_t fw_gid; /* gid to match */ + int fw_logamount; /* amount to log */ + u_int64_t fw_loghighest; /* highest number packet to log */ }; #define IP_FW_GETNSRCP(rule) ((rule)->fw_nports & 0x0f) -- cgit v1.1