Add the DragonFly cvs id and perform general cleanups on cvs/rcs/sccs ids. Most
[dragonfly.git] / etc / periodic / security / 650.ip6fwlimit
CommitLineData
984263bc
MD
1#!/bin/sh -
2#
3# Copyright (c) 2001 The FreeBSD Project
4# All rights reserved.
5#
6# Redistribution and use in source and binary forms, with or without
7# modification, are permitted provided that the following conditions
8# are met:
9# 1. Redistributions of source code must retain the above copyright
10# notice, this list of conditions and the following disclaimer.
11# 2. Redistributions in binary form must reproduce the above copyright
12# notice, this list of conditions and the following disclaimer in the
13# documentation and/or other materials provided with the distribution.
14#
15# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25# SUCH DAMAGE.
26#
27# $FreeBSD: src/etc/periodic/security/650.ip6fwlimit,v 1.2.2.3 2002/08/28 05:13:53 cjc Exp $
1de703da 28# $DragonFly: src/etc/periodic/security/650.ip6fwlimit,v 1.2 2003/06/17 04:24:48 dillon Exp $
984263bc
MD
29#
30
31# Show ip6fw rules which have reached the log limit
32#
33
34# If there is a global system configuration file, suck it in.
35#
36if [ -r /etc/defaults/periodic.conf ]
37then
38 . /etc/defaults/periodic.conf
39 source_periodic_confs
40fi
41
42rc=0
43
44case "$daily_status_security_ip6fwlimit_enable" in
45 [Yy][Ee][Ss])
46 TMP=`mktemp ${TMPDIR:-/tmp}/security.XXXXXXXXXX`
47 IP6FW_LOG_LIMIT=`sysctl -n net.inet6.ip6.fw.verbose_limit 2> /dev/null`
48 if [ $? -eq 0 ] && [ "${IP6FW_LOG_LIMIT}" -ne 0 ]; then
49 ip6fw -a l | grep " log " | perl -n -e \
50 '/^\d+\s+(\d+)/; print if ($1 >= '$IP6FW_LOG_LIMIT')' > ${TMP}
51 if [ -s "${TMP}" ]; then
52 rc=1
53 echo ""
54 echo 'ip6fw log limit reached:'
55 cat ${TMP}
56 fi
57 fi
58 rm -f ${TMP};;
59 *) rc=0;;
60esac
61
62exit $rc