550.ipfwlimit revision 149989
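#!/bin/sh -
#
# Copyright (c) 2001 The FreeBSD Project
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in the
#    documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
# $FreeBSD: head/etc/periodic/security/550.ipfwlimit 149989 2005-09-11 14:29:58Z maxim $
#

# Show ipfw rules which have reached the log limit
#
# Per ipfw(8), once a rule's log limit is reached its matches are no longer
# logged until the log counter is cleared (see `ipfw resetlog`), so every
# line reported here marks traffic that is missing from the firewall log.
#
# Exit status:
#   0  check disabled, the verbose_limit sysctl could not be read, or no
#      rule is over its limit
#   1  at least one rule is reported
#

# If there is a global system configuration file, suck it in.
#
if [ -r /etc/defaults/periodic.conf ]
then
    . /etc/defaults/periodic.conf
    source_periodic_confs
fi

rc=0

case "$daily_status_security_ipfwlimit_enable" in
    [Yy][Ee][Ss])
	# System-wide default limit, used for "log" rules that carry no
	# explicit logamount.  If the sysctl cannot be read there is nothing
	# to compare against (presumably ipfw is not present), so stay quiet.
	IPFW_LOG_LIMIT=$(sysctl -n net.inet.ip.fw.verbose_limit 2> /dev/null) ||
	    exit 0

	# Collect the offending rules in a variable rather than a temporary
	# file: this job runs as root, and a mktemp failure previously went
	# unchecked and left the redirection target empty.
	#
	# The awk fields follow the comparison the script has always made:
	# $2 is the packet counter, and "$6 $7" is "logamount N" when the
	# rule sets its own limit.
	# NOTE(review): this assumes the action is a single word, so that
	# "logamount" lands in field 6 - confirm for multi-word actions.
	#
	# ipfw(8) defines a limit of 0 (rule logamount or the sysctl) as
	# unlimited logging, so such rules can never reach the limit and
	# are skipped instead of being reported as soon as they count one
	# packet.
	over_limit=$(ipfw -a list | grep " log " | \
	    grep '^[[:digit:]]\+[[:space:]]\+[[:digit:]]\+' | \
	    awk -v limit="$IPFW_LOG_LIMIT" '
		{
		    cap = ($6 == "logamount") ? $7 : limit
		    if ((cap + 0) > 0 && ($2 + 0) > (cap + 0))
			print $0
		}')

	if [ -n "$over_limit" ]; then
	    rc=1
	    echo ""
	    echo 'ipfw log limit reached:'
	    printf '%s\n' "$over_limit"
	fi
	;;
    *)	rc=0;;
esac

exit $rc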