Date: Tue, 22 Feb 2005 11:25:58 +0300 From: Gleb Smirnoff <glebius@freebsd.org> To: Mike Silbersack <silby@silby.com> Cc: cvs-all@freebsd.org Subject: Re: cvs commit: src/etc syslog.conf Message-ID: <20050222082558.GB10624@cell.sick.ru> In-Reply-To: <20050222021322.U702@odysseus.silby.com> References: <200502220803.j1M839fn013604@repoman.freebsd.org> <20050222021322.U702@odysseus.silby.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Feb 22, 2005 at 02:20:40AM -0600, Mike Silbersack wrote: M> > Security: this change fixes a DoS condition, when default system M> > console is serial, and box is flooded with bogus ARP M> > packets M> M> Go rate-limit those messages, like we do with other kernel messages. grep M> for "ppsratecheck" in /usr/src/sys/kern to see the other users of that M> function. M> M> If losing information about the flood is an issue, you could use M> ppsratecheck to ensure that a generic "arp flood" message goes to the M> console, but the actual messages are sent with a lower priority. No information is lost. All kern.debug is written to /var/log/messages. -- Totus tuus, Glebius. GLEBIUS-RIPN GLEB-RIPE
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050222082558.GB10624>