Bug 10488

Summary:	No rate limiting for LOG rules
Product:	IPFire	Reporter:	Michael Tremer <michael.tremer>
Component:	---	Assignee:	Michael Tremer <michael.tremer>
Status:	CLOSED FIXED	QA Contact:
Severity:	- Unknown -
Priority:	- Unknown -	CC:	alexander.marx, stefan.schantl
Version:	2
Hardware:	unspecified
OS:	Unspecified
Bug Depends on:
Bug Blocks:	10486

Description Michael Tremer 2014-03-03 08:55:33 UTC

All log rules of the new firewall GUI do not have rate limiting. Therefore, it is very easy to generate hundreds of log messages a second which will fill the logs and consume disk space.

This can be used as a DoS attack, so too much logging should be prohibited.

Comment 1 Michael Tremer 2014-03-04 14:17:21 UTC

http://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff;h=3bb4bb3fa136224792e7dbbcf8b4f801a5565284