etc/periodic/security/550.ipfwlimit

   1 #!/bin/sh -
   2 #
   3 # Copyright (c) 2001  The FreeBSD Project
   4 # All rights reserved.
   5 #
   6 # Redistribution and use in source and binary forms, with or without
   7 # modification, are permitted provided that the following conditions
   8 # are met:
   9 # 1. Redistributions of source code must retain the above copyright
  10 #    notice, this list of conditions and the following disclaimer.
  11 # 2. Redistributions in binary form must reproduce the above copyright
  12 #    notice, this list of conditions and the following disclaimer in the
  13 #    documentation and/or other materials provided with the distribution.
  14 #
  15 # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
  16 # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  17 # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  18 # ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  19 # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  20 # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  21 # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  22 # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  23 # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  24 # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  25 # SUCH DAMAGE.
  26 #
  27 # $FreeBSD: head/etc/periodic/security/550.ipfwlimit 254974 2013-08-27 21:20:28Z jlh $
  28 #
  29
  30 # Show ipfw rules which have reached the log limit
  31 #
  32
  33 # If there is a global system configuration file, suck it in.
  34 #
  35 if [ -r /etc/defaults/periodic.conf ]
  36 then
  37     . /etc/defaults/periodic.conf
  38     source_periodic_confs
  39 fi
  40
  41 security_daily_compat_var security_status_ipfwlimit_enable
  42
  43 rc=0
  44
  45 if check_yesno_period security_status_ipfwlimit_enable
  46 then
  47         IPFW_VERBOSE=`sysctl -n net.inet.ip.fw.verbose 2> /dev/null`
  48         if [ $? -ne 0 ] || [ "$IPFW_VERBOSE" -eq 0 ]; then
  49                 exit 0
  50         fi
  51         TMP=`mktemp -t security`
  52         ipfw -a list | grep " log " | \
  53         grep '^[[:digit:]]\+[[:space:]]\+[[:digit:]]\+' | \
  54         awk \
  55                 '{if ($6 == "logamount") {
  56                         if ($2 > $7)
  57                                 {print $0}}
  58                 }' > ${TMP}
  59
  60         if [ -s "${TMP}" ]; then
  61                 rc=1
  62                 echo ""
  63                 echo 'ipfw log limit reached:'
  64                 cat ${TMP}
  65         fi
  66         rm -f ${TMP}
  67 fi
  68
  69 exit $rc