cvs commit: src/etc syslog.conf
Gleb Smirnoff
glebius at freebsd.org
Tue Feb 22 08:26:02 GMT 2005
On Tue, Feb 22, 2005 at 02:20:40AM -0600, Mike Silbersack wrote:
M> > Security: this change fixes a DoS condition, when default system
M> > console is serial, and box is flooded with bogus ARP
M> > packets
M>
M> Go rate-limit those messages, like we do with other kernel messages. grep
M> for "ppsratecheck" in /usr/src/sys/kern to see the other users of that
M> function.
M>
M> If losing information about the flood is an issue, you could use
M> ppsratecheck to ensure that a generic "arp flood" message goes to the
M> console, but the actual messages are sent with a lower priority.
No information is lost. All kern.debug is written to /var/log/messages.
--
Totus tuus, Glebius.
GLEBIUS-RIPN GLEB-RIPE
More information about the cvs-all
mailing list