head/etc/periodic/security/520.pfdenied
security_daily_compat_var security_status_pfdenied_enable | security_daily_compat_var security_status_pfdenied_enable | ||||
rc=0 | rc=0 | ||||
if check_yesno_period security_status_pfdenied_enable | if check_yesno_period security_status_pfdenied_enable | ||||
then | then | ||||
TMP=`mktemp -t security` | TMP=`mktemp -t security` | ||||
if pfctl -sr -v -z 2>/dev/null | nawk '{if (/^block/) {buf=$0; getline; gsub(" +"," ",$0); if ($5 > 0) print buf$0;} }' > ${TMP}; then | touch ${TMP} | ||||
for _a in "" blacklistd | |||||
do | |||||
pfctl -a ${_a} -sr -v -z 2>/dev/null | \ | |||||
nawk '{if (/^block/) {buf=$0; getline; gsub(" +"," ",$0); if ($5 > 0) print buf$0;} }' >> ${TMP} | |||||
done | |||||
if [ -s ${TMP} ]; then | |||||
check_diff new_only pf ${TMP} "${host} pf denied packets:" | check_diff new_only pf ${TMP} "${host} pf denied packets:" | ||||
fi | fi | ||||
rc=$? | rc=$? | ||||
rm -f ${TMP} | rm -f ${TMP} | ||||
fi | fi | ||||
exit $rc | exit $rc |
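Review bot: In the new `for _a in "" blacklistd` loop, `pfctl -a ${_a} -sr -v -z` leaves `${_a}` unquoted, so on the first iteration the empty value is dropped by word splitting and `-a` most likely takes `-sr` as its anchor name instead of selecting the main ruleset. Because stderr goes to `/dev/null` and the output is only appended to `${TMP}`, a failure there would be invisible, and block-rule hits from the main ruleset would silently disappear from the daily security report while the blacklistd anchor is still reported. Passing `-a` only for a named anchor avoids this: `pfctl ${_a:+-a "${_a}"} -sr -v -z 2>/dev/null | \`. It is worth confirming on a host with a non-empty main ruleset that both iterations produce output; the script's beginning is collapsed on this page, so this covers only the visible lines.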