conf/96247: [patch] 550.ipfwlimit reports logs even if log size is not limited.

Tsurutani Naoki turutani at scphys.kyoto-u.ac.jp
Tue Jul 11 09:46:41 UTC 2006


In either case of logamount is set to 0 or net.inet.ip.fw.verbose_limit is 0,
the limit of loging should be removed; 0 is not "0",
and "ipfw log limit" is not reached.

Here is a new patch:

--- etc/periodic/security/550.ipfwlimit.orig   Mon Apr 24 13:27:37 2006
+++ etc/periodic/security/550.ipfwlimit	Wed May 10 07:00:10 2006
@@ -51,10 +51,10 @@
 	grep '^[[:digit:]]\+[[:space:]]\+[[:digit:]]\+' | \
 	awk -v limit="$IPFW_LOG_LIMIT" \
 		'{if ($6 == "logamount") {
-			if ($2 > $7)
+			if ($7 != 0 && $2 > $7)
 				{print $0}
 		} else {
-			if ($2 > limit)
+			if (limit != 0 && $2 > limit)
 				{print $0}}
 		}' > ${TMP}



More information about the freebsd-bugs mailing list