550.ipfwlimit revision 149989 
1219019Sgabor#!/bin/sh -
2219019Sgabor#
3219019Sgabor# Copyright (c) 2001  The FreeBSD Project
4219019Sgabor# All rights reserved.
5219019Sgabor#
6219019Sgabor# Redistribution and use in source and binary forms, with or without
7219019Sgabor# modification, are permitted provided that the following conditions
8219019Sgabor# are met:
9219019Sgabor# 1. Redistributions of source code must retain the above copyright
10219019Sgabor#    notice, this list of conditions and the following disclaimer.
11219019Sgabor# 2. Redistributions in binary form must reproduce the above copyright
12219019Sgabor#    notice, this list of conditions and the following disclaimer in the
13219019Sgabor#    documentation and/or other materials provided with the distribution.
14219019Sgabor#
15219019Sgabor# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16219019Sgabor# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17219019Sgabor# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18219019Sgabor# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19219019Sgabor# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20219019Sgabor# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21219019Sgabor# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22219019Sgabor# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23219019Sgabor# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24219019Sgabor# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25219019Sgabor# SUCH DAMAGE.
26219019Sgabor#
27219019Sgabor# $FreeBSD: head/etc/periodic/security/550.ipfwlimit 149989 2005-09-11 14:29:58Z maxim $
28219019Sgabor#
29219019Sgabor
30219019Sgabor# Show ipfw rules which have reached the log limit
31219019Sgabor#
32219019Sgabor
33219019Sgabor# If there is a global system configuration file, suck it in.
34219019Sgabor#
35219019Sgaborif [ -r /etc/defaults/periodic.conf ]
36219019Sgaborthen
37219019Sgabor    . /etc/defaults/periodic.conf
38219019Sgabor    source_periodic_confs
39219019Sgaborfi
40219019Sgabor
41219019Sgaborrc=0
42219019Sgabor
43219019Sgaborcase "$daily_status_security_ipfwlimit_enable" in
44219019Sgabor    [Yy][Ee][Ss])
45219019Sgabor	IPFW_LOG_LIMIT=`sysctl -n net.inet.ip.fw.verbose_limit 2> /dev/null`
46219019Sgabor	if [ $? -ne 0 ]; then
47219019Sgabor		exit 0
48219019Sgabor	fi
49219019Sgabor	TMP=`mktemp -t security`
50219019Sgabor	ipfw -a list | grep " log " | \
51219019Sgabor	grep '^[[:digit:]]\+[[:space:]]\+[[:digit:]]\+' | \
52219019Sgabor	awk -v limit="$IPFW_LOG_LIMIT" \
53219019Sgabor		'{if ($6 == "logamount") {
54219019Sgabor			if ($2 > $7)
55219019Sgabor				{print $0}
56219019Sgabor		} else {
57219019Sgabor			if ($2 > limit)
58219019Sgabor				{print $0}}
59219019Sgabor		}' > ${TMP}
60219019Sgabor
61219019Sgabor	if [ -s "${TMP}" ]; then
62219019Sgabor		rc=1
63219019Sgabor		echo ""
64219019Sgabor		echo 'ipfw log limit reached:'
65219019Sgabor		cat ${TMP}
66219019Sgabor	fi
67219019Sgabor	rm -f ${TMP};;
68219019Sgabor    *)	rc=0;;
69219019Sgaboresac
70219019Sgabor
71219019Sgaborexit $rc
72219019Sgabor