From owner-freebsd-bugs Sat Jun 3 13:50:14 2000 Delivered-To: freebsd-bugs@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id 217C037BF4C for ; Sat, 3 Jun 2000 13:50:02 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id NAA96613; Sat, 3 Jun 2000 13:50:02 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: by hub.freebsd.org (Postfix, from userid 32767) id 159CD37BC4E; Sat, 3 Jun 2000 13:47:28 -0700 (PDT) Message-Id: <20000603204728.159CD37BC4E@hub.freebsd.org> Date: Sat, 3 Jun 2000 13:47:28 -0700 (PDT) From: loughry@uswest.net To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-1.0 Subject: bin/18992: log packets blocked by filter rules Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Number: 18992 >Category: bin >Synopsis: log packets blocked by filter rules >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Sat Jun 03 13:50:01 PDT 2000 >Closed-Date: >Last-Modified: >Originator: Joe Loughry >Release: 3.4-STABLE >Organization: Lockheed Martin >Environment: FreeBSD miranda.dnvr.uswest.net 3.4-STABLE FreeBSD 3.4-STABLE #10: Sun May 28 21:32:42 MDT 2000 loughry@miranda.dnvr.uswest.net:/usr/src/sys/compile/MIRANDA i386 >Description: This patch adds a new log level "BLOCKED" that logs packets that were dropped because of a filter rule. It is similar to "set log tcp/ip," but logs only blocked packets, not every packet. >How-To-Repeat: Add the option "set log blocked" to your /etc/ppp/ppp.conf file. >Fix: Three files were changed: ip.c, log.c, log.h *** ip.c.OLD Sat Jun 3 14:27:38 2000 --- ip.c Sat Jun 3 14:28:12 2000 *************** *** 440,457 **** struct udphdr *uh; struct icmp *icmph; char *ptop; ! int mask, len, n, pri, logit, loglen, result; char logbuf[200]; logit = (log_IsKept(LogTCPIP) || log_IsKept(LogDNS)) && (!filter || filter->logok); loglen = 0; pri = 0; pip = (struct ip *)cp; uh = NULL; ! if (logit && loglen < sizeof logbuf) { if (filter) snprintf(logbuf + loglen, sizeof logbuf - loglen, "%s ", filter->name); else --- 440,458 ---- struct udphdr *uh; struct icmp *icmph; char *ptop; ! int mask, len, n, pri, logit, log_blocked, loglen, result; char logbuf[200]; logit = (log_IsKept(LogTCPIP) || log_IsKept(LogDNS)) && (!filter || filter->logok); + log_blocked = log_IsKept(LogBLOCKED) && filter->logok; loglen = 0; pri = 0; pip = (struct ip *)cp; uh = NULL; ! if ((logit || log_blocked) && loglen < sizeof logbuf) { if (filter) snprintf(logbuf + loglen, sizeof logbuf - loglen, "%s ", filter->name); else *************** *** 589,595 **** } if (filter && FilterCheck(pip, filter)) { ! if (logit) log_Printf(LogTCPIP, "%s - BLOCKED\n", logbuf); #ifdef notdef if (direction == 0) --- 590,598 ---- } if (filter && FilterCheck(pip, filter)) { ! if (log_blocked) ! log_Printf(LogBLOCKED, "%s - BLOCKED\n", logbuf); ! else if (logit) log_Printf(LogTCPIP, "%s - BLOCKED\n", logbuf); #ifdef notdef if (direction == 0) *** log.h.OLD Sat Jun 3 14:27:50 2000 --- log.h Sat Jun 3 14:28:04 2000 *************** *** 28,57 **** #define LogMIN (1) #define LogASYNC (1) /* syslog(LOG_INFO, ....) */ ! #define LogCBCP (2) ! #define LogCCP (3) ! #define LogCHAT (4) ! #define LogCOMMAND (5) ! #define LogCONNECT (6) ! #define LogDEBUG (7) /* syslog(LOG_DEBUG, ....) */ ! #define LogDNS (8) ! #define LogHDLC (9) ! #define LogID0 (10) ! #define LogIPCP (11) ! #define LogLCP (12) ! #define LogLQM (13) ! #define LogPHASE (14) ! #define LogPHYSICAL (15) /* syslog(LOG_INFO, ....) */ ! #define LogSYNC (16) /* syslog(LOG_INFO, ....) */ ! #define LogTCPIP (17) ! #define LogTIMER (18) /* syslog(LOG_DEBUG, ....) */ ! #define LogTUN (19) /* If set, tun%d is output with each message */ ! #define LogWARN (20) /* Sent to VarTerm else syslog(LOG_WARNING, ) */ ! #define LogERROR (21) /* syslog(LOG_ERR, ....), + sent to VarTerm */ ! #define LogALERT (22) /* syslog(LOG_ALERT, ....) */ ! #define LogMAXCONF (19) ! #define LogMAX (22) struct mbuf; struct cmdargs; --- 28,58 ---- #define LogMIN (1) #define LogASYNC (1) /* syslog(LOG_INFO, ....) */ ! #define LogBLOCKED (2) ! #define LogCBCP (3) ! #define LogCCP (4) ! #define LogCHAT (5) ! #define LogCOMMAND (6) ! #define LogCONNECT (7) ! #define LogDEBUG (8) /* syslog(LOG_DEBUG, ....) */ ! #define LogDNS (9) ! #define LogHDLC (10) ! #define LogID0 (11) ! #define LogIPCP (12) ! #define LogLCP (13) ! #define LogLQM (14) ! #define LogPHASE (15) ! #define LogPHYSICAL (16) /* syslog(LOG_INFO, ....) */ ! #define LogSYNC (17) /* syslog(LOG_INFO, ....) */ ! #define LogTCPIP (18) ! #define LogTIMER (19) /* syslog(LOG_DEBUG, ....) */ ! #define LogTUN (20) /* If set, tun%d is output with each message */ ! #define LogWARN (21) /* Sent to VarTerm else syslog(LOG_WARNING, ) */ ! #define LogERROR (22) /* syslog(LOG_ERR, ....), + sent to VarTerm */ ! #define LogALERT (23) /* syslog(LOG_ALERT, ....) */ ! #define LogMAXCONF (20) ! #define LogMAX (23) struct mbuf; struct cmdargs; *** log.c.OLD Sat Jun 3 14:27:44 2000 --- log.c Sat Jun 3 14:27:57 2000 *************** *** 44,49 **** --- 44,50 ---- static const char * const LogNames[] = { "Async", + "Blocked", "CBCP", "CCP", "Chat", >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message