Fw-up: Re: periodic/security/550.ipfwlimit - diff for RELENG-5]
From: Peter Lavee (pbl tsua.net)
Date: Wed Feb 23 2005 - 11:46:43 CST
Almost forgot - the diff needs to be applied only to the FreeBSD 5 version of 550.ipfwlimit,
but the resulting file can be used on both 4 and 5 releases.
On Wed, Feb 23, 2005 at 03:59:51PM +0100, Alexander Leidinger wrote:
Better version than the previous one; it will not break the order of rules.
Awk version; it will work on all 4 and 5 releases, at least those where IPFW is enabled ;-)
Also, I removed the check for digit+space+digit - it can break things if the ipfw output is significantly changed.
diff -u 550.ipfwlimit 550.ipfwlimit.new
=============================>8==============================================================================================
--- 550.ipfwlimit Wed Feb 23 18:54:35 2005
+++ 550.ipfwlimit.new Wed Feb 23 19:19:19 2005

-45,10 +45,10 
TMP=`mktemp -t security`
IPFW_LOG_LIMIT=`sysctl -n net.inet.ip.fw.verbose_limit 2> /dev/null`
if [ $? -eq 0 ] && [ "${IPFW_LOG_LIMIT}" -ne 0 ]; then
- ipfw -a l | grep " log " | \
- grep '^[[:digit:]]\+[[:space:]]\+[[:digit:]]\+' | \
- awk -v limit="$IPFW_LOG_LIMIT" \
- '{if ($2 > limit) {print $0}}' > ${TMP}
+ ipfw -a l | grep " log " \
+ | \
+ awk -v limit="$IPFW_LOG_LIMIT" -v logamount=$6 \
+ '{if ($5 == "logamount") {if ($2 > logamount) {print $0} } else { if ($2 > limit) {print $0} } }' > ${TMP}
if [ -s "${TMP}" ]; then
rc=1
echo ""
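Review bot: In the added awk invocation, `-v logamount=$6` sits outside the single-quoted program, so the shell expands `$6` to the script's sixth positional parameter before awk runs; it is not the sixth field of the ipfw line. The inner test `$2 > logamount` therefore compares the counter in `$2` with that one shell value (most likely empty) rather than with the rule's own limit, while `$5 == "logamount"` only matches the literal keyword in field 5. Drop the `-v logamount=$6` assignment and compare against the field inside the program instead, for example `if ($5 == "logamount") { if ($2 > $6) print }`, after confirming which columns of `ipfw -a l` output hold the keyword and its value. The `grep " log " \` and `| \` continuation lines can also be joined into one.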
=============================>8==============================================================================================
> Bill Moran <wmoran potentialtech.com> wrote:
>
> >
> >This is great.
> >
> >However, because of the size of the FreeBSD project, it's likely that this
> >will get lost. To ensure that it doesn't, please submit it as a PR
> >(problem report).
>
> While this may work on 4.x, this will not be able to go into 5.x or into
> -current (and it first has to find its way into -current, else there will
> be no merge to 5.x or 4.x) since we don't have perl in the base system on
> 5.x and -current. I suggest to rewrite this in awk (in the -current version
> of this periodic script) and submit it as a diff.
--
WBR,
Peter Lavee
Hostmaster
Technological Systems
CJVC
_______________________________________________
freebsd-security
freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe
freebsd.org"