FreeBSD Security Archives: Re: ipfw question

Re: ipfw question


Rodney W. Grimes (freebsdgndrsh.dnsmgr.net)
Sat, 11 Sep 1999 21:07:50 -0700 (PDT)


> I am using FreeBSD 2.2.8 Stable with IPFW enabled with logging.
>
> ipfw: 2600 Deny P:54 204.210.42.217 209.157.122.88 in via ep0
>
> What does the "P:54" mean? Just wondering.

Protocol 54, I would say see /etc/protocols, but it depends on how
new your code is, anyway here is what IANA says about it:
    54 NARP NBMA Address Resolution Protocol [RFC1735]

>
> --
>
> Also does anyone know if IP Filters (or ipfw) let you limit logging
> depending on the rate at which the rule is applied?

Not that I am aware of, now would someone please code this up
so I can be wrong :-)

>
> If I don't have a limit, my server panicked before because of an overload
> of denied packets (while logging was enabled) so I now have a limit of 150
> packets that get logged. I want to be able to log at the same time also
> not over log (not get it to run out of buffer and panic).
>
> I need to stop logging if and only if the rate at which the rules are
> getting applied passes a certain point and then continue again once the
> rate decreases.
>
> Is this doable? Do I make sense any bit? Is this stupid? Thanks.

Yes. Yes. No. You're welcome for the little help I could be.

-- 
Rod Grimes - KD7CAX - (RWG25)                    rgrimesgndrsh.dnsmgr.net
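
The rate-based log limiting asked about in this thread can be expressed as a token bucket: logging is suppressed while deny matches arrive faster than a sustained rate and resumes on its own once the rate drops. This is an added example, not part of the original message and not ipfw code; the struct and function names, the rate and burst values, and the replayed traffic are all assumptions constructed for illustration.

```c
#include <stdio.h>

/* Hypothetical per-rule log limiter (token bucket), not an ipfw structure. */
struct log_limiter {
    double rate;              /* sustained log entries allowed per second */
    double burst;             /* bucket capacity: entries allowed back to back */
    double tokens;            /* tokens currently available */
    double last;              /* time of the last refill, in seconds */
    unsigned long suppressed; /* matches not logged since the last logged one */
};

static void limiter_init(struct log_limiter *l, double rate, double burst, double now)
{
    l->rate = rate; l->burst = burst; l->tokens = burst;
    l->last = now; l->suppressed = 0;
}

/* Returns 1 if this rule match should be logged, 0 if it is suppressed.
 * When it returns 1, *dropped is the number suppressed since the previous log. */
static int limiter_allow(struct log_limiter *l, double now, unsigned long *dropped)
{
    if (now > l->last) {                      /* refill for the elapsed time */
        l->tokens += (now - l->last) * l->rate;
        if (l->tokens > l->burst) l->tokens = l->burst;
        l->last = now;
    }
    if (l->tokens < 1.0) { l->suppressed++; return 0; }
    l->tokens -= 1.0;
    *dropped = l->suppressed;                 /* worth logging as "N more denied" */
    l->suppressed = 0;
    return 1;
}

/* Replays n constructed deny matches, gap seconds apart from t0; returns how many were logged. */
static unsigned long replay(struct log_limiter *l, double t0, double gap, unsigned long n)
{
    unsigned long logged = 0, dropped = 0;
    for (unsigned long i = 0; i < n; i++)
        logged += (unsigned long)limiter_allow(l, t0 + i * gap, &dropped);
    return logged;
}

int main(void)
{
    struct log_limiter l;
    limiter_init(&l, 10.0, 20.0, 0.0);        /* 10 logs/s sustained, burst of 20 */
    printf("flood: %lu of 10000 logged\n", replay(&l, 0.0, 0.0001, 10000));
    printf("after quiet period: %lu of 5 logged\n", replay(&l, 60.0, 1.0, 5));
    return 0;
}
```

Unlike a fixed count of logged packets, the bucket bounds the logging rate during a flood and still records the first matches once traffic returns to normal, along with a count of what was skipped.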




This archive was generated by hypermail 2.0b3 on Sat Sep 11 1999 - 23:07:17 CDT