Page MenuHomeFreeBSD
Differential D5913 Diff 17239 head/etc/periodic/security/520.pfdenied

Changeset View

Standalone View

View Options

head/etc/periodic/security/520.pfdenied

Show All 38 Lines
security_daily_compat_var security_status_pfdenied_enable security_daily_compat_var security_status_pfdenied_enable
rc=0 rc=0
if check_yesno_period security_status_pfdenied_enable if check_yesno_period security_status_pfdenied_enable
then then
TMP=`mktemp -t security` TMP=`mktemp -t security`
if pfctl -sr -v -z 2>/dev/null | nawk '{if (/^block/) {buf=$0; getline; gsub(" +"," ",$0); if ($5 > 0) print buf$0;} }' > ${TMP}; then touch ${TMP}
for _a in "" blacklistd
do
pfctl -a ${_a} -sr -v -z 2>/dev/null | \
nawk '{if (/^block/) {buf=$0; getline; gsub(" +"," ",$0); if ($5 > 0) print buf$0;} }' >> ${TMP}
done
if [ -s ${TMP} ]; then
check_diff new_only pf ${TMP} "${host} pf denied packets:" check_diff new_only pf ${TMP} "${host} pf denied packets:"
fi fi
rc=$? rc=$?
rm -f ${TMP} rm -f ${TMP}
fi fi
exit $rc exit $rc