From owner-freebsd-bugs Thu Aug 21 07:00:04 1997
Return-Path:
Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id HAA21810 for bugs-outgoing; Thu, 21 Aug 1997 07:00:04 -0700 (PDT)
Received: (from gnats@localhost) by hub.freebsd.org (8.8.5/8.8.5) id HAA21777; Thu, 21 Aug 1997 07:00:01 -0700 (PDT)
Resent-Date: Thu, 21 Aug 1997 07:00:01 -0700 (PDT)
Resent-Message-Id: <199708211400.HAA21777@hub.freebsd.org>
Resent-From: gnats (GNATS Management)
Resent-To: freebsd-bugs
Resent-Reply-To: FreeBSD-gnats@FreeBSD.ORG, rbickers@intercenter.net
Received: (from nobody@localhost) by hub.freebsd.org (8.8.5/8.8.5) id GAA21707; Thu, 21 Aug 1997 06:59:43 -0700 (PDT)
Message-Id: <199708211359.GAA21707@hub.freebsd.org>
Date: Thu, 21 Aug 1997 06:59:43 -0700 (PDT)
From: rbickers@intercenter.net
To: freebsd-gnats-submit@FreeBSD.ORG
X-Send-Pr-Version: www-1.0
Subject: kern/4351: ipfw logging limit is not fully acknowledged
Sender: owner-freebsd-bugs@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

>Number: 4351
>Category: kern
>Synopsis: ipfw logging limit is not fully acknowledged
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Aug 21 07:00:01 PDT 1997
>Last-Modified:
>Originator: Ron Bickers
>Organization: The Internet Center, Inc.
>Release: 2.2-stable
>Environment:
FreeBSD atlantis.intercenter.net 2.2-STABLE FreeBSD 2.2-STABLE #0: Wed Aug 20 11:10:45 EDT 1997 rbickers@atlantis.intercenter.net:/usr/src/sys/compile/atlantis i386
>Description:
When the ipfw logging limit is reached, partial information is still displayed. Sample output follows:

ipfw: 1900 Deny UDP 207.211.129.97:137 207.211.128.12:137 in via ep0
ipfw: limit reached on rule #1900
ipfw: 1900 Deny ipfw: 1900 Deny ipfw: 1900 Deny ipfw: 1900 Deny ipfw: 1900 Deny ipfw: 1900 Deny ipfw: 1900 Deny ipfw: 1900 Deny ipfw: 1900 Deny ipfw: 1900 Deny ipfw: 1900 Deny ipfw: 1900 Den
>How-To-Repeat:
Force the limit of any ipfw logging rule to be reached and look at the console or dmesg
>Fix:
The following patch to /usr/src/sys/netinet/ip_fw.c works for me.

--- ip_fw.c.old Wed Aug 20 10:30:26 1997 +++ ip_fw.c Wed Aug 20 11:02:16 1997 @@ -259,6 +259,10 @@ struct icmp *const icmp = (struct icmp *) ((u_long *) ip + ip->ip_hl); int count; + count = f ? f->fw_pcnt : ++counter; + if (fw_verbose_limit != 0 && count > fw_verbose_limit) + return; + /* Print command name */ printf("ipfw: %d ", f ? f->fw_number : -1); if (!f) @@ -295,9 +299,6 @@ } printf(" "); - count = f ? f->fw_pcnt : ++counter; - if (fw_verbose_limit != 0 && count > fw_verbose_limit) - return; switch (ip->ip_p) { case IPPROTO_TCP: printf("TCP ");
>Audit-Trail:
>Unformatted:
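
Review bot: in the @@ -259,6 +259,10 @@ hunk, `count` is declared `int` but is assigned from the rule's packet counter `f->fw_pcnt`, and the early `return` now decides whether anything is logged at all. If that counter is wider than `int`, or can wrap, `count > fw_verbose_limit` can become false again after truncation and logging for the rule would resume, so it would be safer to do the comparison in the counter's own type. The new early exit also sits directly above `/* Print command name */` with no comment of its own; a one-line comment stating that nothing is printed once the count exceeds `fw_verbose_limit`, and that a value of 0 disables the limit, would make the intent clear to anyone auditing why firewall log entries stop for a rule.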