Date: Sat, 3 Jun 2000 13:47:28 -0700 (PDT) From: loughry@uswest.net To: freebsd-gnats-submit@FreeBSD.org Subject: bin/18992: log packets blocked by filter rules Message-ID: <20000603204728.159CD37BC4E@hub.freebsd.org>
>Number: 18992
>Category: bin
>Synopsis: log packets blocked by filter rules
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Sat Jun 03 13:50:01 PDT 2000
>Closed-Date:
>Last-Modified:
>Originator: Joe Loughry
>Release: 3.4-STABLE
>Organization:
Lockheed Martin
>Environment:
FreeBSD miranda.dnvr.uswest.net 3.4-STABLE FreeBSD 3.4-STABLE #10: Sun May 28 21:32:42 MDT 2000 loughry@miranda.dnvr.uswest.net:/usr/src/sys/compile/MIRANDA i386
>Description:
This patch adds a new log level "BLOCKED" that logs packets that were
dropped because of a filter rule. It is similar to "set log tcp/ip,"
but logs only blocked packets, not every packet.
>How-To-Repeat:
Add the option "set log blocked" to your /etc/ppp/ppp.conf file.
>Fix:
Three files were changed: ip.c, log.c, log.h
*** ip.c.OLD Sat Jun 3 14:27:38 2000
--- ip.c Sat Jun 3 14:28:12 2000
***************
*** 440,457 ****
struct udphdr *uh;
struct icmp *icmph;
char *ptop;
! int mask, len, n, pri, logit, loglen, result;
char logbuf[200];
logit = (log_IsKept(LogTCPIP) || log_IsKept(LogDNS)) &&
(!filter || filter->logok);
loglen = 0;
pri = 0;
pip = (struct ip *)cp;
uh = NULL;
! if (logit && loglen < sizeof logbuf) {
if (filter)
snprintf(logbuf + loglen, sizeof logbuf - loglen, "%s ", filter->name);
else
--- 440,458 ----
struct udphdr *uh;
struct icmp *icmph;
char *ptop;
! int mask, len, n, pri, logit, log_blocked, loglen, result;
char logbuf[200];
logit = (log_IsKept(LogTCPIP) || log_IsKept(LogDNS)) &&
(!filter || filter->logok);
+ log_blocked = log_IsKept(LogBLOCKED) && filter->logok;
loglen = 0;
pri = 0;
pip = (struct ip *)cp;
uh = NULL;
! if ((logit || log_blocked) && loglen < sizeof logbuf) {
if (filter)
snprintf(logbuf + loglen, sizeof logbuf - loglen, "%s ", filter->name);
else
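Review bot: The new assignment `log_blocked = log_IsKept(LogBLOCKED) && filter->logok;` dereferences `filter` without a null check, although the `logit` expression directly above it tolerates a null filter (`!filter || filter->logok`) and the `if (filter)` a few lines later tests it again. With the blocked level enabled and no filter passed in, this would be a null-pointer dereference on the packet path. A packet can only be blocked when a filter exists, so `log_blocked = filter && filter->logok && log_IsKept(LogBLOCKED);` keeps the intent. The enclosing function starts and ends outside the hunk.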
***************
*** 589,595 ****
}
if (filter && FilterCheck(pip, filter)) {
! if (logit)
log_Printf(LogTCPIP, "%s - BLOCKED\n", logbuf);
#ifdef notdef
if (direction == 0)
--- 590,598 ----
}
if (filter && FilterCheck(pip, filter)) {
! if (log_blocked)
! log_Printf(LogBLOCKED, "%s - BLOCKED\n", logbuf);
! else if (logit)
log_Printf(LogTCPIP, "%s - BLOCKED\n", logbuf);
#ifdef notdef
if (direction == 0)
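Review bot: The `log_Printf(LogBLOCKED, "%s - BLOCKED\n", logbuf)` call relies on `logbuf` having been filled, but the only fill condition this patch widens is the filter-name prefix in the first hunk. If the protocol-specific sections between the two hunks (not visible here) are still guarded by `logit` alone, a configuration with only the blocked level set would log the filter name and " - BLOCKED" with no addresses or ports, which is of little use for auditing dropped traffic; those guards would need `(logit || log_blocked)` as well. The `else if (logit)` also means the line no longer appears under the TCP/IP level when both levels are enabled, so a comment such as `/* LogBLOCKED takes precedence; avoids a duplicate line */` would record that this is intended. The enclosing function continues outside the hunk.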
*** log.h.OLD Sat Jun 3 14:27:50 2000
--- log.h Sat Jun 3 14:28:04 2000
***************
*** 28,57 ****
#define LogMIN (1)
#define LogASYNC (1) /* syslog(LOG_INFO, ....) */
! #define LogCBCP (2)
! #define LogCCP (3)
! #define LogCHAT (4)
! #define LogCOMMAND (5)
! #define LogCONNECT (6)
! #define LogDEBUG (7) /* syslog(LOG_DEBUG, ....) */
! #define LogDNS (8)
! #define LogHDLC (9)
! #define LogID0 (10)
! #define LogIPCP (11)
! #define LogLCP (12)
! #define LogLQM (13)
! #define LogPHASE (14)
! #define LogPHYSICAL (15) /* syslog(LOG_INFO, ....) */
! #define LogSYNC (16) /* syslog(LOG_INFO, ....) */
! #define LogTCPIP (17)
! #define LogTIMER (18) /* syslog(LOG_DEBUG, ....) */
! #define LogTUN (19) /* If set, tun%d is output with each message */
! #define LogWARN (20) /* Sent to VarTerm else syslog(LOG_WARNING, ) */
! #define LogERROR (21) /* syslog(LOG_ERR, ....), + sent to VarTerm */
! #define LogALERT (22) /* syslog(LOG_ALERT, ....) */
! #define LogMAXCONF (19)
! #define LogMAX (22)
struct mbuf;
struct cmdargs;
--- 28,58 ----
#define LogMIN (1)
#define LogASYNC (1) /* syslog(LOG_INFO, ....) */
! #define LogBLOCKED (2)
! #define LogCBCP (3)
! #define LogCCP (4)
! #define LogCHAT (5)
! #define LogCOMMAND (6)
! #define LogCONNECT (7)
! #define LogDEBUG (8) /* syslog(LOG_DEBUG, ....) */
! #define LogDNS (9)
! #define LogHDLC (10)
! #define LogID0 (11)
! #define LogIPCP (12)
! #define LogLCP (13)
! #define LogLQM (14)
! #define LogPHASE (15)
! #define LogPHYSICAL (16) /* syslog(LOG_INFO, ....) */
! #define LogSYNC (17) /* syslog(LOG_INFO, ....) */
! #define LogTCPIP (18)
! #define LogTIMER (19) /* syslog(LOG_DEBUG, ....) */
! #define LogTUN (20) /* If set, tun%d is output with each message */
! #define LogWARN (21) /* Sent to VarTerm else syslog(LOG_WARNING, ) */
! #define LogERROR (22) /* syslog(LOG_ERR, ....), + sent to VarTerm */
! #define LogALERT (23) /* syslog(LOG_ALERT, ....) */
! #define LogMAXCONF (20)
! #define LogMAX (23)
struct mbuf;
struct cmdargs;
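Review bot: Inserting `LogBLOCKED (2)` shifts the numeric value of every later level, and the values appear to be coupled by position to `LogNames[]` in log.c, where this patch adds "Blocked" at the matching slot. Nothing in the header states that coupling, so a comment above the list such as `/* Keep in the same order as LogNames[] in log.c */` would help the next person adding a level. It is also worth confirming that no code outside these three files stores or compares the raw numbers, since `LogMAXCONF` and `LogMAX` change too.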
*** log.c.OLD Sat Jun 3 14:27:44 2000
--- log.c Sat Jun 3 14:27:57 2000
***************
*** 44,49 ****
--- 44,50 ----
static const char * const LogNames[] = {
"Async",
+ "Blocked",
"CBCP",
"CCP",
"Chat",
>Release-Note:
>Audit-Trail:
>Unformatted:
