| 550.ipfwlimit (107674) | 550.ipfwlimit (117088) |
|---|---|
| 1#!/bin/sh - 2# 3# Copyright (c) 2001 The FreeBSD Project 4# All rights reserved. 5# 6# Redistribution and use in source and binary forms, with or without 7# modification, are permitted provided that the following conditions 8# are met: --- 10 unchanged lines hidden (view full) --- 19# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25# SUCH DAMAGE. 26# | 1#!/bin/sh - 2# 3# Copyright (c) 2001 The FreeBSD Project 4# All rights reserved. 5# 6# Redistribution and use in source and binary forms, with or without 7# modification, are permitted provided that the following conditions 8# are met: --- 10 unchanged lines hidden (view full) --- 19# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25# SUCH DAMAGE. 26# |
| 27# $FreeBSD: head/etc/periodic/security/550.ipfwlimit 107674 2002-12-07 23:37:44Z keramida $ | 27# $FreeBSD: head/etc/periodic/security/550.ipfwlimit 117088 2003-06-30 22:06:26Z mtm $ |
| 28# 29 30# Show ipfw rules which have reached the log limit 31# 32 33# If there is a global system configuration file, suck it in. 34# 35if [ -r /etc/defaults/periodic.conf ] 36then 37 . /etc/defaults/periodic.conf 38 source_periodic_confs 39fi 40 41rc=0 42 43case "$daily_status_security_ipfwlimit_enable" in 44 [Yy][Ee][Ss]) | 28# 29 30# Show ipfw rules which have reached the log limit 31# 32 33# If there is a global system configuration file, suck it in. 34# 35if [ -r /etc/defaults/periodic.conf ] 36then 37 . /etc/defaults/periodic.conf 38 source_periodic_confs 39fi 40 41rc=0 42 43case "$daily_status_security_ipfwlimit_enable" in 44 [Yy][Ee][Ss]) |
| 45 TMP=`mktemp ${TMPDIR:-/tmp}/security.XXXXXXXXXX` | 45 TMP=`mktemp -t security` |
| 46 IPFW_LOG_LIMIT=`sysctl -n net.inet.ip.fw.verbose_limit 2> /dev/null` 47 if [ $? -eq 0 ] && [ "${IPFW_LOG_LIMIT}" -ne 0 ]; then 48 ipfw -a l | grep " log " | \ 49 grep '^[[:digit:]]\+[[:space:]]\+[[:digit:]]\+' | \ 50 awk -v limit="$IPFW_LOG_LIMIT" \ 51 '{if ($2 > limit) {print $0}}' > ${TMP} 52 if [ -s "${TMP}" ]; then 53 rc=1 54 echo "" 55 echo 'ipfw log limit reached:' 56 cat ${TMP} 57 fi 58 fi 59 rm -f ${TMP};; 60 *) rc=0;; 61esac 62 63exit $rc | 46 IPFW_LOG_LIMIT=`sysctl -n net.inet.ip.fw.verbose_limit 2> /dev/null` 47 if [ $? -eq 0 ] && [ "${IPFW_LOG_LIMIT}" -ne 0 ]; then 48 ipfw -a l | grep " log " | \ 49 grep '^[[:digit:]]\+[[:space:]]\+[[:digit:]]\+' | \ 50 awk -v limit="$IPFW_LOG_LIMIT" \ 51 '{if ($2 > limit) {print $0}}' > ${TMP} 52 if [ -s "${TMP}" ]; then 53 rc=1 54 echo "" 55 echo 'ipfw log limit reached:' 56 cat ${TMP} 57 fi 58 fi 59 rm -f ${TMP};; 60 *) rc=0;; 61esac 62 63exit $rc |