Date: Tue, 27 Jul 1999 14:56:17 -0500 (CDT) From: Joe Greco <jgreco@ns.sol.net> To: nate@mt.sri.com (Nate Williams) Cc: jgreco@ns.sol.net, nate@mt.sri.com, hackers@freebsd.org, freebsd-ipfw@freebsd.org Subject: Re: securelevel and ipfw zero Message-ID: <199907271956.OAA13811@aurora.sol.net> In-Reply-To: <199907271951.NAA27049@mt.sri.com> from Nate Williams at "Jul 27, 1999 1:51:11 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> > > Again, it's not a fix, it's a feature. Not being able to mess with > > > counters (logging or otherwise) is a feature. It may be a feature that > ^^^^^^^^^^^^^^^^^^^^ > > > you can do without, but that decision is not to be made lightly. > > > > I'm _saying_ to create a completely separate counter which has nothing to > > do with accounting. > > See above. I did see above. If the sole purpose of a counter is to turn _off_ a feature to prevent DoS attacks, and it is clearly desirable that the admin (or a representative entity such as a monitoring system) would want to be able to re-enable the logging under those same terms at some admin-specified interval, how exactly would you choose to implement this? Please, be specific. If zeroing a counter whose sole purpose in life is to control logging output presents a problem for you, perhaps some other alternative is possible. I'm not quite sure what it would be. ... Joe ------------------------------------------------------------------------------- Joe Greco - Systems Administrator jgreco@ns.sol.net Solaria Public Access UNIX - Milwaukee, WI 414/342-4847 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199907271956.OAA13811>