kern/155927: [ipfw] ipfw stops to check bags for compliance with
the rules, letting everything Rules
Ian Smith
smithi at nimnet.asn.au
Wed Mar 30 09:35:20 UTC 2011
On Mon, 28 Mar 2011, Marcin Wisnicki wrote:
> On Mon, 28 Mar 2011 17:51:06 +1100, Ian Smith wrote:
>
> > On Mon, 28 Mar 2011, Luigi Rizzo wrote:
> > > On Mon, Mar 28, 2011 at 06:14:20AM +0000, linimon at freebsd.org wrote:
> > > > Old Synopsis: Ipfw stops to check bags for compliance with the
> > > > rules, letting everything Rules New Synopsis: [ipfw] ipfw stops to
> > > > check bags for compliance with the rules, letting everything Rules
> > > >
> > > > Responsible-Changed-From-To: freebsd-standards->freebsd-ipfw
> > > > Responsible-Changed-By: linimon
> > > > Responsible-Changed-When: Mon Mar 28 06:13:10 UTC 2011
> > > > Responsible-Changed-Why:
> > > > reclassify, although I do not think there is enough information
> > > > here to proceed.
> > >
> > > interesting use of the term 'bag' for 'packet'!
> >
> > Even with that cleared up, I can't make out what it may have to do with
> > syslogging .. perhaps one of our Russian speakers could intermediate?
> >
>
> I think it means that if newsyslog rotates /var/log/security then ipfw
> warnings are not logged anymore ;)
I've tried imagining how that could happen, without success - unless
/var/log/security somehow wasn't truncated by newsyslog on rotation?
% grep security /etc/*syslog.conf
/etc/syslog.conf:security.* /var/log/security
/etc/newsyslog.conf:/var/log/security 640 21 500 * J
> I haven't seen such behaviour myself and that file is handled by syslog
> just like many others.
+1. Smells a bit like permissions .. from thousands of miles away :)
cheers, Ian
More information about the freebsd-ipfw
mailing list