From vampiro@the.rusunix.org  Thu Jan  9 19:16:00 2003
Return-Path: <vampiro@the.rusunix.org>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 13D9B37B401
	for <FreeBSD-gnats-submit@freebsd.org>; Thu,  9 Jan 2003 19:16:00 -0800 (PST)
Received: from the.rusunix.org (the.rusunix.org [195.162.58.254])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 8384E43F13
	for <FreeBSD-gnats-submit@freebsd.org>; Thu,  9 Jan 2003 19:15:59 -0800 (PST)
	(envelope-from vampiro@the.rusunix.org)
Received: by the.rusunix.org (Sendmail for UK-NC RT11-SJ, from userid 1111)
	id 5469E1CD662; Fri, 10 Jan 2003 09:13:39 +0600 (OMST)
Message-Id: <20030110031339.5469E1CD662@the.rusunix.org>
Date: Fri, 10 Jan 2003 09:13:39 +0600 (OMST)
From: El Vampiro <vampiro@rusunix.org>
Reply-To: El Vampiro <vampiro@rusunix.org>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: ipf denied packets of security run output contains nonmatched rules
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         46913
>Category:       conf
>Synopsis:       [ipfilter] denied packets of security run output contains nonmatched rules
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    cy
>State:          suspended
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jan 09 19:20:00 PST 2003
>Closed-Date:    
>Last-Modified:  Wed Jul 03 05:10:08 UTC 2013
>Originator:     El Vampiro
>Release:        FreeBSD 4.7-STABLE i386
>Organization:
rusunix (https://the.rusunix.org)
>Environment:
System: FreeBSD the.rusunix.org 4.7-STABLE FreeBSD 4.7-STABLE #0: Sat Jan 4 19:11:18 OMST 2003 vampiro@vampiro.rsb.local:/build/usr/src/sys/NEWMONSTER i386

>Description:
	Periodic script 510.ipfdenied prints all of the "block" rules instead
	of rules that blocked packets only.
>How-To-Repeat:
	run /etc/periodic/security/510.ipfdenied
>Fix:

--- 510.ipfdenied.orig	Sat Jan  4 11:36:54 2003
+++ 510.ipfdenied	Fri Jan 10 08:46:48 2003
@@ -42,7 +42,7 @@
 case "$daily_status_security_ipfdenied_enable" in
     [Yy][Ee][Ss])
 	TMP=`mktemp ${TMPDIR:-/tmp}/security.XXXXXXXXXX`
-	if ipfstat -nhio 2>/dev/null | grep block > ${TMP}; then
+	if ipfstat -nhio 2>/dev/null | grep block | grep -v ^0 > ${TMP}; then
 	  check_diff new_only ipf ${TMP} "${host} ipf denied packets:"
 	fi
 	rc=$?
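
Review bot: The pattern in the added "grep -v ^0" stage is unquoted and only anchored at the start of the line, so it depends on the hit count printed by ipfstat -h being the very first field with no leading whitespace, and on the shell passing ^ through literally. Quote it and anchor on the field boundary, for example grep -v '^0 ', so that only a hit count of exactly zero is filtered out. Note also that the if condition now takes the exit status of the last grep, so when every block rule has zero hits check_diff is not called at all; if that is intended, the PR description should say so.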

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->darrenr 
Responsible-Changed-By: kris 
Responsible-Changed-When: Mon Jul 14 04:43:48 PDT 2003 
Responsible-Changed-Why:  
Assign to ipfilter author 

http://www.freebsd.org/cgi/query-pr.cgi?pr=46913 
State-Changed-From-To: open->closed 
State-Changed-By: darrenr 
State-Changed-When: Tue Apr 20 06:35:35 PDT 2004 
State-Changed-Why:  


http://www.freebsd.org/cgi/query-pr.cgi?pr=46913 
State-Changed-From-To: closed->suspended 
State-Changed-By: darrenr 
State-Changed-When: Tue Apr 20 06:38:09 PDT 2004 
State-Changed-Why:  
for what it is meant to do, this script is correct. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=46913 
State-Changed-From-To: suspended->suspended 
State-Changed-By: linimon 
State-Changed-When: Wed Jul 3 00:50:32 UTC 2013 
State-Changed-Why:  
commit bit has been taken in for safekeeping. 


Responsible-Changed-From-To: darrenr->freebsd-net 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Wed Jul 3 00:50:32 UTC 2013 
Responsible-Changed-Why:  

http://www.freebsd.org/cgi/query-pr.cgi?pr=46913 
Responsible-Changed-From-To: freebsd-net->cy 
Responsible-Changed-By: cy 
Responsible-Changed-When: Wed Jul 3 05:09:50 UTC 2013 
Responsible-Changed-Why:  
Mine. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=46913 
>Unformatted:
