Date: Sat, 11 Sep 1999 21:07:50 -0700 (PDT) From: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net> To: aj@entic.net (Anil Jangity) Cc: freebsd-security@FreeBSD.ORG Subject: Re: ipfw question Message-ID: <199909120407.VAA30134@gndrsh.dnsmgr.net> In-Reply-To: <Pine.BSF.4.10.9909112040550.8937-100000@shell.entic.net> from Anil Jangity at "Sep 11, 1999 08:43:11 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> I am using FreeBSD2.2.8 Stable with IPFW enalbed with logging.
>
> ipfw: 2600 Deny P:54 204.210.42.217 209.157.122.88 in via ep0
>
> What does the "P:54" mean? Just wondering.
Protocol 54, I would say see /etc/protocols, but it depends on how
new your code is, anyway here is what IANA says about it:
54 NARP NBMA Address Resolution Protocol [RFC1735]
>
> --
>
> Also does anyone know if IP Filters (or ipfw) let you limit logging
> depending on the rate at which the rule is applied?
Not that I am aware of, now would someone please code this up
so I can be wrong :-)
>
> If I don't have a limit, my server panicked before because of an overload
> of denied packets (while logging was enabled) so I now have a limit of 150
> packets that get logged. I want to be able to log at the same time also
> not over log (not get it to run out of buffer and panic).
>
> I need to stop logging if and only if the rate at which they rules are
> getting applied passes a certain point and then continue again once the
> rate drecreases.
>
> Is this doable? Do I make sense any bit? Is this stupid? Thanks.
Yes. Yes. No. Your welcome for the little help I could be.
--
Rod Grimes - KD7CAX - (RWG25) rgrimes@gndrsh.dnsmgr.net
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199909120407.VAA30134>