From owner-freebsd-hackers Tue Jul 27 12:56:33 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from aurora.sol.net (aurora.sol.net [206.55.65.76]) by hub.freebsd.org (Postfix) with ESMTP id 80E481544F; Tue, 27 Jul 1999 12:56:24 -0700 (PDT) (envelope-from jgreco@aurora.sol.net) Received: (from jgreco@localhost) by aurora.sol.net (8.9.2/8.9.2/SNNS-1.02) id OAA13811; Tue, 27 Jul 1999 14:56:18 -0500 (CDT) From: Joe Greco Message-Id: <199907271956.OAA13811@aurora.sol.net> Subject: Re: securelevel and ipfw zero In-Reply-To: <199907271951.NAA27049@mt.sri.com> from Nate Williams at "Jul 27, 1999 1:51:11 pm" To: nate@mt.sri.com (Nate Williams) Date: Tue, 27 Jul 1999 14:56:17 -0500 (CDT) Cc: jgreco@ns.sol.net, nate@mt.sri.com, hackers@freebsd.org, freebsd-ipfw@freebsd.org X-Mailer: ELM [version 2.4ME+ PL43 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > > Again, it's not a fix, it's a feature. Not being able to mess with > > > counters (logging or otherwise) is a feature. It may be a feature that > ^^^^^^^^^^^^^^^^^^^^ > > > you can do without, but that decision is not to be made lightly. > > > > I'm _saying_ to create a completely separate counter which has nothing to > > do with accounting. > > See above. I did see above. If the sole purpose of a counter is to turn _off_ a feature to prevent DoS attacks, and it is clearly desirable that the admin (or a representative entity such as a monitoring system) would want to be able to re-enable the logging under those same terms at some admin-specified interval, how exactly would you choose to implement this? Please, be specific. If zeroing a counter whose sole purpose in life is to control logging output presents a problem for you, perhaps some other alternative is possible. I'm not quite sure what it would be. ... Joe ------------------------------------------------------------------------------- Joe Greco - Systems Administrator jgreco@ns.sol.net Solaria Public Access UNIX - Milwaukee, WI 414/342-4847 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message