Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 28 Jul 1999 09:39:44 -0600
From:      Nate Williams <nate@mt.sri.com>
To:        "Brian F. Feldman" <green@FreeBSD.org>
Cc:        Nate Williams <nate@mt.sri.com>, Joe Greco <jgreco@ns.sol.net>, hackers@FreeBSD.org, freebsd-ipfw@FreeBSD.org
Subject:   Re: securelevel and ipfw zero
Message-ID:  <199907281539.JAA01265@mt.sri.com>
In-Reply-To: <Pine.BSF.4.10.9907280217180.71863-100000@janus.syracuse.net>
References:  <199907280449.WAA29417@mt.sri.com> <Pine.BSF.4.10.9907280217180.71863-100000@janus.syracuse.net>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
> > Implementing it is the easy part, making sure it's the right thing to do
> > is the hard part.
> 
> Well, the easy part is done, except for raising limits. Look:
> ipfw: 1 Deny ICMP:8.0 127.0.0.1 127.0.0.1 out via lo0
> ipfw: 1 Deny ICMP:8.0 127.0.0.1 127.0.0.1 out via lo0
> ipfw: limit 2 reached on rule #1
> ipfw: Entry 1 logging count reset.
> ipfw: 1 Deny ICMP:8.0 127.0.0.1 127.0.0.1 out via lo0
> ipfw: 1 Deny ICMP:8.0 127.0.0.1 127.0.0.1 out via lo0
> ipfw: limit 2 reached on rule #1
> 
> Nice? :)

Depends on how it effects the speed of the system and if it makes the
code too complex. :)


Nate


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?199907281539.JAA01265>