Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 4 Sep 1997 14:13:20 -0600 (MDT)
From:      Marc Slemko <marcs@znep.com>
To:        ArkanoiD <ark@paranoid.convey.ru>
Cc:        freebsd-security@FreeBSD.ORG
Subject:   Re: log connection attempts?
Message-ID:  <Pine.BSF.3.95.970904140908.24903A-100000@alive.znep.com>
In-Reply-To: <199709041309.RAA00931@paranoid.convey.ru>
next in thread | previous in thread | raw e-mail | index | archive | help 
[cc list cut down to freebsd-security]

On Thu, 4 Sep 1997, ArkanoiD wrote:

> nuqneH,
> 
> > >> 
> > >> Set these two sysctl variables to non-zero:
> > >> 	net.inet.tcp.log_in_vain: 0
> > >> 	net.inet.udp.log_in_vain: 0
> > >> 
> > >fourth level name log_in_vain in net.inet.tcp.log_in_vain is invalid
> > >
> > >..and i don't remember smth like that when browsing the sources.
> > 
> > Upgrade to 2.2.2 then.
> > 
> > --
> > Poul-Henning Kamp             FreeBSD coreteam member
> > phk@FreeBSD.ORG               "Real hackers run -current on their laptop."
> > 
> I really don't want to ;) i'd prefer a small patch for 2.1.7.1.

So make one.  Below are the two messages that are obvious in the commit
logs which apply.  Get the CVS tree; you can use CVSup, and just get
the sys tree, no need for the whole source tree.

Checkout RELENG_2_1_0.

Do a:

	cvs diff -c -r1.40 -r1.41 tcp_input.c

...and repeat for the other files.

Apply the diff, either manually or with patch (depending on how much
has changed, it may or may not be possible to apply it automatically).
Poof, if all goes well you have it.


phk         96/04/04 02:46:47

  Modified:    sys/netinet  tcp_input.c udp_usrreq.c
  Log:
  Log TCP syn packets for ports we don't listen on.
  Controlled by: sysctl net.inet.tcp.log_in_vain: 1
  
  Log UDP syn packets for ports we don't listen on.
  Controlled by: sysctl net.inet.udp.log_in_vain: 1
  
  Suggested by: Warren Toomey <wkt@cs.adfa.oz.au>
  
  Revision  Changes    Path
  1.41      +13 -2     src/sys/netinet/tcp_input.c
  1.21      +11 -1     src/sys/netinet/udp_usrreq.c

ache        96/04/27 11:19:15

  Modified:    sys/netinet  tcp_input.c udp_usrreq.c
  Log:
  inet_ntoa buffer was evaluated twice in log_in_vain, fix it.
  Thanx to: jdp
  
  Revision  Changes    Path
  1.44      +7 -3      src/sys/netinet/tcp_input.c
  1.23      +7 -3      src/sys/netinet/udp_usrreq.c

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95.970904140908.24903A-100000>