From owner-freebsd-bugs Thu Jul 27 11: 0:10 2000 Delivered-To: freebsd-bugs@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id 38E8937BE9F for ; Thu, 27 Jul 2000 11:00:03 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id LAA94436; Thu, 27 Jul 2000 11:00:03 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Date: Thu, 27 Jul 2000 11:00:03 -0700 (PDT) Message-Id: <200007271800.LAA94436@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org Cc: From: Stephen Montgomery-Smith Subject: Re: kern/20198: log setup of dynamic rules for ipfw Reply-To: Stephen Montgomery-Smith Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org The following reply was made to PR kern/20198; it has been noted by GNATS. From: Stephen Montgomery-Smith To: Neil Blakey-Milner Cc: sheldonh@FreeBSD.ORG, freebsd-bugs@FreeBSD.ORG Subject: Re: kern/20198: log setup of dynamic rules for ipfw Date: Thu, 27 Jul 2000 12:06:24 -0500 This is a multi-part message in MIME format. --------------CC956E7E3750E59FCE350FBF Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit OK, how about this: Neil Blakey-Milner wrote: > > On Thu 2000-07-27 (10:38), Stephen Montgomery-Smith wrote: > > > > add pass log logamount 10 from any to any 22 keep-state > > > > > > What about: > > > > > > add pass log logamount 10 from any to any 22 setup keep-state > > > > > > > That doesn't seem to work for me. > > Then that is the problem. No need to add new semantics when the above > is the obvious way it should function. If you can determine why it > doesn't work, then that's the fix. > --------------CC956E7E3750E59FCE350FBF Content-Type: text/plain; charset=us-ascii; name="ddd" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="ddd" --- /sys/netinet/ip_fw.c Sat Jul 15 19:25:45 2000 +++ sys/netinet/ip_fw.c Thu Jul 27 11:47:19 2000 @@ -1215,8 +1215,18 @@ f->timestamp = time_second; /* Log to console if desired */ +#if STATEFUL + if ((f->fw_flg & IP_FW_F_PRN) && + /* Don't log for dynamic rules with keep state */ + !((f->fw_flg & IP_FW_F_KEEP_S) && q != NULL) && + fw_verbose) { + ipfw_report(f, ip, rif, oif); + } + +#else if ((f->fw_flg & IP_FW_F_PRN) && fw_verbose) ipfw_report(f, ip, rif, oif); +#endif /* Take appropriate action */ switch (f->fw_flg & IP_FW_F_COMMAND) { --------------CC956E7E3750E59FCE350FBF-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message