From owner-freebsd-ipfw  Tue Jul 27  0:38:48 1999
Delivered-To: freebsd-ipfw@freebsd.org
Received: from donpac.ru (nsnew.donpac.ru [195.161.172.254])
	by hub.freebsd.org (Postfix) with ESMTP
	id 2B3F51533E; Tue, 27 Jul 1999 00:38:28 -0700 (PDT)
	(envelope-from hitower@don.sitek.net)
Received: from dkeeper.ddns.org (ppp1.ats74.donpac.ru [195.161.173.192])
	by donpac.ru (8.9.1/8.9.1/cae1.1.0.4) with ESMTP id LAA04696;
	Tue, 27 Jul 1999 11:38:48 GMT
Received: from don.sitek.net (nest.dungeon [10.0.0.254])
	by dkeeper.ddns.org (8.9.2/8.9.1) with ESMTP id LAA21385;
	Tue, 27 Jul 1999 11:37:12 +0400 (MSD)
	(envelope-from hitower@don.sitek.net)
Message-ID: <379D60D9.2620590F@don.sitek.net>
Date: Tue, 27 Jul 1999 11:33:45 +0400
From: Max Mukhin <hitower@don.sitek.net>
X-Mailer: Mozilla 4.6 [en] (WinNT; I)
X-Accept-Language: en
MIME-Version: 1.0
To: Joe Greco <jgreco@ns.sol.net>
Cc: freebsd-hackers@FreeBSD.ORG, freebsd-ipfw@FreeBSD.ORG
Subject: Re: securelevel and ipfw zero
References: <199907261816.NAA05470@aurora.sol.net>
Content-Type: text/plain; charset=koi8-r
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-ipfw@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Joe Greco wrote:
> 
> Hello,
> 
> So, I've a box that I have an ipfw ruleset on.  The firewall should not be
> changeable during runtime, and the box runs at securelevel=3.
> 
> In order to prevent DoS disk-fill attacks, I also have specified
> IPFW_VERBOSE_LIMIT.
> 
> Now, the problem is, in securelevel 3, you cannot zero a rule's counter,
> so basically once you are up and running, you get to log IPFW_VERBOSE_LIMIT
> events and then you lose logging (ideally I'd zero nonzero rules once every
> N minutes).
how about newsyslog? it will save space a much, i think
> 
> Comments?
> 
> ... Joe
> 
> -------------------------------------------------------------------------------
> Joe Greco - Systems Administrator                             jgreco@ns.sol.net
> Solaria Public Access UNIX - Milwaukee, WI                         414/342-4847
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-ipfw" in the body of the message


-- 
 hitower@don.sitek.net | ICQ 21050590 |  Rostov-on-Don, Russia
-----------------------+--------------+--------------------------------
 PGP fingerprint: 2E26 C4FF 6940 1F7E 0188  1684 7B21 CF13 068D AE82


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message