Date:      Fri, 10 Jan 2003 09:13:39 +0600 (OMST)
From:      El Vampiro <vampiro@rusunix.org>
To:        FreeBSD-gnats-submit@FreeBSD.org
Subject:   conf/46913: ipf denied packets of security run output contains nonmatched rules
Message-ID:  <20030110031339.5469E1CD662@the.rusunix.org>

>Number:         46913
>Category:       conf
>Synopsis:       ipf denied packets of security run output contains nonmatched rules
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jan 09 19:20:00 PST 2003
>Closed-Date:
>Last-Modified:
>Originator:     El Vampiro
>Release:        FreeBSD 4.7-STABLE i386
>Organization:
rusunix (https://the.rusunix.org)
>Environment:
System: FreeBSD the.rusunix.org 4.7-STABLE FreeBSD 4.7-STABLE #0: Sat Jan 4 19:11:18 OMST 2003 vampiro@vampiro.rsb.local:/build/usr/src/sys/NEWMONSTER i386

>Description:
	Periodic script 510.ipfdenied prints all of the "block" rules instead
	of rules that blocked packets only.
>How-To-Repeat:
	run /etc/periodic/security/510.ipfdenied
>Fix:

--- 510.ipfdenied.orig	Sat Jan  4 11:36:54 2003
+++ 510.ipfdenied	Fri Jan 10 08:46:48 2003
@@ -42,7 +42,7 @@
 case "$daily_status_security_ipfdenied_enable" in
     [Yy][Ee][Ss])
 	TMP=`mktemp ${TMPDIR:-/tmp}/security.XXXXXXXXXX`
-	if ipfstat -nhio 2>/dev/null | grep block > ${TMP}; then
+	if ipfstat -nhio 2>/dev/null | grep block | grep -v ^0 > ${TMP}; then
 	  check_diff new_only ipf ${TMP} "${host} ipf denied packets:"
 	fi
 	rc=$?
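
Review bot: In the changed "if" line, grep -v ^0 leaves the pattern unquoted and drops every line that begins with the character 0, so it relies on ipfstat -h printing the hit count as the very first field. Quote the pattern and anchor it on the end of the field, for example grep -v '^0[[:space:]]', so that only a count of exactly zero is filtered; the two greps could also be folded into one awk test on the first field. A one-line comment above the pipeline noting that zero-hit block rules are excluded would make the intent clear to the next reader.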

>Release-Note:
>Audit-Trail:
>Unformatted:
