Changeset View
Changeset View
Standalone View
Standalone View
etc/periodic/security/520.pfdenied
| Context not available. | |||||
| if check_yesno_period security_status_pfdenied_enable | if check_yesno_period security_status_pfdenied_enable | ||||
| then | then | ||||
| TMP=`mktemp -t security` | TMP=`mktemp -t security` | ||||
| if pfctl -sr -v -z 2>/dev/null | nawk '{if (/^block/) {buf=$0; getline; gsub(" +"," ",$0); if ($5 > 0) print buf$0;} }' > ${TMP}; then | touch ${TMP} | ||||
| check_diff new_only pf ${TMP} "${host} pf denied packets:" | for _a in "" "blacklistd" | ||||
sjg: fwiw there is no need to comment blacklistd | |||||
lidlAuthorUnsubmitted Not Done Inline ActionsFixed in my local repository, will be fixed when I post the next review update / commit the code. lidl: Fixed in my local repository, will be fixed when I post the next review update / commit the… | |||||
| do | |||||
| pfctl -a ${_a} -sr -v -z 2>/dev/null | \ | |||||
| nawk '{if (/^block/) {buf=$0; getline; gsub(" +"," ",$0); if ($5 > 0) print buf$0;} }' >> ${TMP} | |||||
Not Done Inline ActionsWhy enforcing nawk and not using the regular awk? bapt: Why enforcing nawk and not using the regular awk? | |||||
Not Done Inline ActionsI am just using what was there before - I don't know why it is currently specified as 'nawk'. lidl: I am just using what was there before - I don't know why it is currently specified as 'nawk'.
| |||||
Not Done Inline ActionsIt came from rS138061. This one is the only case of nawk in etc/ (vs. 31 awk). It probably makes sense to switch it in a separate commit. emaste: It came from rS138061. This one is the only case of `nawk` in etc/ (vs. 31 `awk`). It probably… | |||||
| done | |||||
| if [ -s ${TMP} ]; then | |||||
| check_diff new_only pf ${TMP} "${host} pf denied packets:" | |||||
| fi | fi | ||||
| rc=$? | rc=$? | ||||
| rm -f ${TMP} | rm -f ${TMP} | ||||
| Context not available. | |||||
fwiw there is no need to comment blacklistd