Set ipsec_policy_log_interval to 0 by default
People who use IPsec will get messages of the form:
Jul 14 12:25:17 neuromancer ip: [ID 372019 kern.error] ipsec_check_global_policy: Policy Failure for the incoming packet (not secure); Source 010.001.001.137, Destination 224.000.000.251.
More often than not. These are not actionable notices, but may be of interest to an administrator who notices increases in ip:0:ipdrop kstats.
The rates of these messages are controlled by the ipsec_policy_log_interval variable. If it's set to 0, it should not print anything. This bug/RFE requests that it be set to 0 by default.
Updated by Electric Monk almost 8 years ago
- Status changed from New to Closed
- % Done changed from 0 to 100
commit 05b5eb98f5af5545cf01e97712cca09c5293fe9a Author: Dan McDonald <email@example.com> Date: 2014-07-15T00:28:46.000Z 5000 Set ipsec_policy_log_interval to 0 by default Reviewed by: Gordon Ross <firstname.lastname@example.org> Reviewed by: Jason King <email@example.com> Reviewed by: Garrett D'Amore <firstname.lastname@example.org> Approved by: Garrett D'Amore <email@example.com>