d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Zero pf rule counters so daily reports make sense

Browse Source 
Zero pf rule counters so that each daily report lists an absolute
number of rejected packets, not the total since the last time the
machine rebooted (or the counters were manually cleared).

PR:		206467
Submitted by:	Rick Adams
Approved by:	rpaulo (mentor)
Differential Revision:	https://reviews.freebsd.org/D5172
This commit is contained in:
Kurt Lidl 2016-02-09 21:00:38 +00:00
parent b28cc462ad
commit bd5ca94caa
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
etc/periodic/security/520.pfdenied
View File

@ -44,7 +44,7 @@ rc=0
if check_yesno_period security_status_pfdenied_enable
then
TMP=`mktemp -t security`
if pfctl -sr -v 2>/dev/null | nawk '{if (/^block/) {buf=$0; getline; gsub(" +"," ",$0); if ($5 > 0) print buf$0;} }' > ${TMP}; then
if pfctl -sr -v -z 2>/dev/null | nawk '{if (/^block/) {buf=$0; getline; gsub(" +"," ",$0); if ($5 > 0) print buf$0;} }' > ${TMP}; then
check_diff new_only pf ${TMP} "${host} pf denied packets:"
fi
rc=$?