Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 26 Jul 1999 13:16:57 -0500 (CDT)
From:      Joe Greco <>
Subject:   securelevel and ipfw zero
Message-ID:  <>

Next in thread | Raw E-Mail | Index | Archive | Help

So, I've a box that I have an ipfw ruleset on.  The firewall should not be
changeable during runtime, and the box runs at securelevel=3.

In order to prevent DoS disk-fill attacks, I also have specified

Now, the problem is, in securelevel 3, you cannot zero a rule's counter,
so basically once you are up and running, you get to log IPFW_VERBOSE_LIMIT
events and then you lose logging (ideally I'd zero nonzero rules once every
N minutes).


... Joe

Joe Greco - Systems Administrator
Solaria Public Access UNIX - Milwaukee, WI			   414/342-4847

To Unsubscribe: send mail to
with "unsubscribe freebsd-ipfw" in the body of the message

Want to link to this message? Use this URL: <>