periodic/security/550.ipfwlimit

198090Srdivacky#!/bin/sh -
198090Srdivacky#
198090Srdivacky# Copyright (c) 2001  The FreeBSD Project
198090Srdivacky# All rights reserved.
198090Srdivacky#
198090Srdivacky# Redistribution and use in source and binary forms, with or without
198090Srdivacky# modification, are permitted provided that the following conditions
198090Srdivacky# are met:
198090Srdivacky# 1. Redistributions of source code must retain the above copyright
226633Sdim#    notice, this list of conditions and the following disclaimer.
226633Sdim# 2. Redistributions in binary form must reproduce the above copyright
226633Sdim#    notice, this list of conditions and the following disclaimer in the
202878Srdivacky#    documentation and/or other materials provided with the distribution.
202878Srdivacky#
202878Srdivacky# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
223017Sdim# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
218893Sdim# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
198090Srdivacky# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
198090Srdivacky# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
198090Srdivacky# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
226633Sdim# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
226633Sdim# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
224145Sdim# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
226633Sdim# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
226633Sdim# SUCH DAMAGE.
198090Srdivacky#
226633Sdim# $FreeBSD: head/etc/periodic/security/550.ipfwlimit 87852 2001-12-14 08:58:21Z ru $
212904Sdim#
226633Sdim
224145Sdim# Show ipfw rules which have reached the log limit
226633Sdim#
202878Srdivacky
212904Sdim# If there is a global system configuration file, suck it in.
202878Srdivacky#
224145Sdimif [ -r /etc/defaults/periodic.conf ]
198090Srdivackythen
198090Srdivacky    . /etc/defaults/periodic.conf
218893Sdim    source_periodic_confs
218893Sdimfi
218893Sdim
218893SdimTMP=/var/run/_secure.$$
234353Sdimrc=0
234353Sdim
226633Sdimcase "$daily_status_security_ipfwlimit_enable" in
224145Sdim    [Yy][Ee][Ss])
198090Srdivacky	IPFW_LOG_LIMIT=`sysctl -n net.inet.ip.fw.verbose_limit 2> /dev/null`
234353Sdim	if [ $? -eq 0 ] && [ "${IPFW_LOG_LIMIT}" -ne 0 ]; then
198090Srdivacky	    ipfw -a l | grep " log " | perl -n -e \
234353Sdim		'/^\d+\s+(\d+)/; print if ($1 >= '$IPFW_LOG_LIMIT')' > ${TMP}
234353Sdim	    if [ -s "${TMP}" ]; then
234353Sdim		rc=1
226633Sdim		echo ""
226633Sdim		echo 'ipfw log limit reached:'
226633Sdim		cat ${TMP}
226633Sdim	    fi
226633Sdim	fi
226633Sdim	rm -f ${TMP};;
226633Sdim    *)	rc=0;;
226633Sdimesac
226633Sdim
226633Sdimexit $rc
226633Sdim