This is a nice idea, here's another twist on it. How about an addition in
/proc to turn reporting on/off for various things. This would be
immensely beneficial for the following reason: you're system is happily
trotting along, noting messages every once in a while. things are good.
*blam* someone hits you with slice off a fast link, hitting you at about
10,000 packets per second (slice == new SYN flood attack). your system is
now dead in the water trying to log these.
a userland daemon (pay attention people that think everything should be in
the kernel :P) notices the flood and toggles /proc/something/to/toggle from
a 1 to a 0 and syslog breathes a sigh of relief and notes a tiny message
that the daemon directed logging be shut down.
the machine is alive again very quickly and when the attack dies, the
userland daemon toggles things back.
a /proc/someplace/for/a/bunch/of/tunable/toggles (or sysctl) would be
excellent, not just for the above example, but for many others, let your
mind wander. dynamic adjustment is one of our greatest achievements.
trying to turn off a 1500 rule firewall isn't easy. toggling a single
entry is.
comments?
-d
-- Look, Windows 98 Buy, lemmings, buy! MCSE, Must Consult Someone Experienced (c) 1998 David Ford. Redistribution via the Microsoft Network is prohibited. for linux-kernel: please read linux/Documentation/* before posting problems
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/