Date: Mon, 26 Jul 1999 11:47:20 -0700 (PDT) From: Matthew Dillon <dillon@apollo.backplane.com> To: Joe Greco <jgreco@ns.sol.net> Cc: freebsd-hackers@FreeBSD.ORG, freebsd-ipfw@FreeBSD.ORG Subject: Re: securelevel and ipfw zero Message-ID: <199907261847.LAA48202@apollo.backplane.com> References: <199907261816.NAA05470@aurora.sol.net>
next in thread | previous in thread | raw e-mail | index | archive | help
:Hello,
:
:So, I've a box that I have an ipfw ruleset on. The firewall should not be
:changeable during runtime, and the box runs at securelevel=3.
:
:In order to prevent DoS disk-fill attacks, I also have specified
:IPFW_VERBOSE_LIMIT.
:
:Now, the problem is, in securelevel 3, you cannot zero a rule's counter,
:so basically once you are up and running, you get to log IPFW_VERBOSE_LIMIT
:events and then you lose logging (ideally I'd zero nonzero rules once every
:N minutes).
:
:Comments?
:
:... Joe
:
:-------------------------------------------------------------------------------
:Joe Greco - Systems Administrator jgreco@ns.sol.net
Playing devil's advocate, someone might be using those counters for
accounting purposes. That's about as worse a scenario as I can think
of, and I can't imagine this sort of situation would be prevalient.
I'd say that the counters should be clearable at high secure level.
-Matt
Matthew Dillon
<dillon@backplane.com>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199907261847.LAA48202>