Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 21 Aug 1997 06:59:43 -0700 (PDT)
From:      rbickers@intercenter.net
To:        freebsd-gnats-submit@FreeBSD.ORG
Subject:   kern/4351: ipfw logging limit is not fully acknowledged
Message-ID:  <199708211359.GAA21707@hub.freebsd.org>
Resent-Message-ID: <199708211400.HAA21777@hub.freebsd.org>
next in thread | raw e-mail | index | archive | help 


>Number:         4351
>Category:       kern
>Synopsis:       ipfw logging limit is not fully acknowledged
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Aug 21 07:00:01 PDT 1997
>Last-Modified:
>Originator:     Ron Bickers
>Organization:
The Internet Center, Inc.
>Release:        2.2-stable
>Environment:
FreeBSD atlantis.intercenter.net 2.2-STABLE FreeBSD 2.2-STABLE #0: Wed Aug 20 11:10:45 EDT 1997
     rbickers@atlantis.intercenter.net:/usr/src/sys/compile/atlantis  i386

>Description:
When the ipfw logging limit is reached, partial information is
still displayed.  Sample output follows:

ipfw: 1900 Deny UDP 207.211.129.97:137 207.211.128.12:137 in via ep0
ipfw: limit reached on rule #1900
ipfw: 1900 Deny ipfw: 1900 Deny ipfw: 1900 Deny ipfw: 1900 Deny ipfw: 1900 Deny ipfw: 1900 Deny
 ipfw: 1900 Deny ipfw: 1900 Deny ipfw: 1900 Deny ipfw: 1900 Deny ipfw: 1900 Deny ipfw: 1900 Den

>How-To-Repeat:
Force the limit of any ipfw logging rule to be reached and look
at the console or dmesg

>Fix:
The following patch to /usr/src/sys/netinet/ip_fw.c works for me.

--- ip_fw.c.old Wed Aug 20 10:30:26 1997
+++ ip_fw.c     Wed Aug 20 11:02:16 1997
@@ -259,6 +259,10 @@
        struct icmp *const icmp = (struct icmp *) ((u_long *) ip + ip->ip_hl);
        int count;
 
+       count = f ? f->fw_pcnt : ++counter;
+       if (fw_verbose_limit != 0 && count > fw_verbose_limit)
+               return;
+
        /* Print command name */
        printf("ipfw: %d ", f ? f->fw_number : -1);
        if (!f)
@@ -295,9 +299,6 @@
                }
        printf(" ");
 
-       count = f ? f->fw_pcnt : ++counter;
-       if (fw_verbose_limit != 0 && count > fw_verbose_limit)
-               return;
        switch (ip->ip_p) {
        case IPPROTO_TCP:
                printf("TCP ");

>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199708211359.GAA21707>