From owner-freebsd-bugs@FreeBSD.ORG Thu Apr 17 01:20:10 2003 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 71C8737B401 for ; Thu, 17 Apr 2003 01:20:10 -0700 (PDT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5D2B543FE3 for ; Thu, 17 Apr 2003 01:20:08 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.9/8.12.9) with ESMTP id h3H8K8Up059272 for ; Thu, 17 Apr 2003 01:20:08 -0700 (PDT) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.9/8.12.9/Submit) id h3H8K8Wq059271; Thu, 17 Apr 2003 01:20:08 -0700 (PDT) Resent-Date: Thu, 17 Apr 2003 01:20:08 -0700 (PDT) Resent-Message-Id: <200304170820.h3H8K8Wq059271@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Rene de Vries Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 48E8B37B401; Thu, 17 Apr 2003 01:10:24 -0700 (PDT) Received: from bastix.tunix.nl (bastix.tunix.nl [193.79.201.39]) by mx1.FreeBSD.org (Postfix) with ESMTP id A612543F75; Thu, 17 Apr 2003 01:10:21 -0700 (PDT) (envelope-from rene@tunix.nl) Received: (from root@localhost) by bastix.tunix.nl (8.9.3c/8.6.12) id KAA93448; Thu, 17 Apr 2003 10:10:36 +0200 (CEST) Received: by bastix.tunix.nl (TUNIX txp2/smap) id sma092807; Thu, 17 Apr 03 10:09:07 +0200 Received: from upsilix.tunix.nl (upsilix.tunix.nl [172.16.2.22]) by fix.tunix.nl (8.10.2+Sun/8.10.2) with ESMTP id h3H88o922688; Thu, 17 Apr 2003 10:08:50 +0200 (MEST) Received: from upsilix.tunix.nl (localhost.tunix.nl [127.0.0.1]) by upsilix.tunix.nl (8.12.6/8.12.6) with ESMTP id h3H88kc5052851; Thu, 17 Apr 2003 10:08:46 +0200 (CEST) (envelope-from rene@upsilix.tunix.nl) Received: (from rene@localhost) by upsilix.tunix.nl (8.12.6/8.12.6/Submit) id h3H88kpw052850; Thu, 17 Apr 2003 10:08:46 +0200 (CEST) (envelope-from rene) Message-Id: <200304170808.h3H88kpw052850@upsilix.tunix.nl> Date: Thu, 17 Apr 2003 10:08:46 +0200 (CEST) From: Rene de Vries To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 cc: hsu@FreeBSD.org Subject: kern/51082: FEATURE: More descriptive message on dropped tcp/udp attempts X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Rene de Vries List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Apr 2003 08:20:10 -0000 >Number: 51082 >Category: kern >Synopsis: FEATURE: More descriptive message on dropped tcp/udp attempts >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Thu Apr 17 01:20:07 PDT 2003 >Closed-Date: >Last-Modified: >Originator: Rene de Vries >Release: FreeBSD 4.7-RELEASE-p3 i386 / FreeBSD 5.0-20030401 i386 >Organization: Tunix Internet Security & Training >Environment: FreeBSD 5.0/4.7 >Description: Produce a more descriptive message when a tcp/udp packet is dropped. For readability source and destination are reversed. For TCP the flags are named (the current hexadecimal output is unreadable for humans). >How-To-Repeat: >Fix: Files: sys/netinet/tcp_input.c sys/netinet/udp_usrreq.c Diff against FreeBSD 5 (current as of 01 Apr 2003): Index: sys/netinet/tcp_input.c =================================================================== RCS file: /home/fbsd-cvsrepo/src/sys/netinet/tcp_input.c,v retrieving revision 1.202 diff -u -r1.202 tcp_input.c --- sys/netinet/tcp_input.c 13 Mar 2003 11:46:57 -0000 1.202 +++ sys/netinet/tcp_input.c 1 Apr 2003 13:51:06 -0000 @@ -627,6 +627,21 @@ dbuf, ntohs(th->th_dport), sbuf, ntohs(th->th_sport), thflags); break; + case 3: + log(LOG_INFO, + "dropped TCP %s:%d -> %s:%d %c%c%c%c%c%c%c%c (0x%02x)\n", + sbuf, ntohs(th->th_sport), + dbuf, ntohs(th->th_dport), + ((thflags & TH_CWR)?'C':'-'), + ((thflags & TH_ECE)?'E':'-'), + ((thflags & TH_URG)?'U':'-'), + ((thflags & TH_ACK)?'A':'-'), + ((thflags & TH_PUSH)?'P':'-'), + ((thflags & TH_RST)?'R':'-'), + ((thflags & TH_SYN)?'S':'-'), + ((thflags & TH_FIN)?'F':'-'), + thflags); + break; default: break; } Index: sys/netinet/udp_usrreq.c =================================================================== RCS file: /home/fbsd-cvsrepo/src/sys/netinet/udp_usrreq.c,v retrieving revision 1.133 diff -u -r1.133 udp_usrreq.c --- sys/netinet/udp_usrreq.c 19 Feb 2003 05:47:34 -0000 1.133 +++ sys/netinet/udp_usrreq.c 1 Apr 2003 13:51:06 -0000 @@ -355,10 +355,23 @@ char buf[4*sizeof "123"]; strcpy(buf, inet_ntoa(ip->ip_dst)); - log(LOG_INFO, - "Connection attempt to UDP %s:%d from %s:%d\n", - buf, ntohs(uh->uh_dport), inet_ntoa(ip->ip_src), - ntohs(uh->uh_sport)); + switch (log_in_vain) { + case 1: + log(LOG_INFO, + "Connection attempt to UDP %s:%d from %s:%d\n", + buf, ntohs(uh->uh_dport), inet_ntoa(ip->ip_src), + ntohs(uh->uh_sport)); + break; + case 2: + log(LOG_INFO, + "dropped UDP %s:%d -> %s:%d\n", + inet_ntoa(ip->ip_src), + ntohs(uh->uh_sport), + buf, ntohs(uh->uh_dport)); + break; + default: + break; + } } udpstat.udps_noport++; if (m->m_flags & (M_BCAST | M_MCAST)) { >Release-Note: >Audit-Trail: >Unformatted: