svn commit: r295452 - head/etc/periodic/security
Kurt Lidl
lidl at FreeBSD.org
Tue Feb 9 21:00:40 UTC 2016
Author: lidl
Date: Tue Feb 9 21:00:38 2016
New Revision: 295452
URL: https://svnweb.freebsd.org/changeset/base/295452
Log:
Zero pf rule counters so daily reports make sense
Zero pf rule counters so that each daily report lists an absolute
number of rejected packets, not the total since the last time the
machine rebooted (or the counters were manually cleared).
PR: 206467
Submitted by: Rick Adams
Approved by: rpaulo (mentor)
Differential Revision: https://reviews.freebsd.org/D5172
Modified:
head/etc/periodic/security/520.pfdenied
Modified: head/etc/periodic/security/520.pfdenied
==============================================================================
--- head/etc/periodic/security/520.pfdenied Tue Feb 9 20:22:35 2016 (r295451)
+++ head/etc/periodic/security/520.pfdenied Tue Feb 9 21:00:38 2016 (r295452)
@@ -44,7 +44,7 @@ rc=0
if check_yesno_period security_status_pfdenied_enable
then
TMP=`mktemp -t security`
- if pfctl -sr -v 2>/dev/null | nawk '{if (/^block/) {buf=$0; getline; gsub(" +"," ",$0); if ($5 > 0) print buf$0;} }' > ${TMP}; then
+ if pfctl -sr -v -z 2>/dev/null | nawk '{if (/^block/) {buf=$0; getline; gsub(" +"," ",$0); if ($5 > 0) print buf$0;} }' > ${TMP}; then
check_diff new_only pf ${TMP} "${host} pf denied packets:"
fi
rc=$?
More information about the svn-src-head
mailing list