From nobody@FreeBSD.ORG  Sat Jun  3 13:47:28 2000
Return-Path: <nobody@FreeBSD.ORG>
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 159CD37BC4E; Sat,  3 Jun 2000 13:47:28 -0700 (PDT)
Message-Id: <20000603204728.159CD37BC4E@hub.freebsd.org>
Date: Sat,  3 Jun 2000 13:47:28 -0700 (PDT)
From: loughry@uswest.net
Sender: nobody@FreeBSD.ORG
To: freebsd-gnats-submit@FreeBSD.org
Subject: log packets blocked by filter rules
X-Send-Pr-Version: www-1.0

>Number:         18992
>Category:       bin
>Synopsis:       log packets blocked by filter rules
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    brian
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sat Jun 03 13:50:01 PDT 2000
>Closed-Date:    Tue Jun 29 09:22:42 GMT 2004
>Last-Modified:  Tue Jun 29 09:22:42 GMT 2004
>Originator:     Joe Loughry
>Release:        3.4-STABLE
>Organization:
Lockheed Martin
>Environment:
FreeBSD miranda.dnvr.uswest.net 3.4-STABLE FreeBSD 3.4-STABLE #10: Sun May 28 21:32:42 MDT 2000     loughry@miranda.dnvr.uswest.net:/usr/src/sys/compile/MIRANDA  i386
>Description:
This patch adds a new log level "BLOCKED" that logs packets that were
dropped because of a filter rule.  It is similar to "set log tcp/ip,"
but logs only blocked packets, not every packet.
>How-To-Repeat:
Add the option "set log blocked" to your /etc/ppp/ppp.conf file.
>Fix:
Three files were changed: ip.c, log.c, log.h

*** ip.c.OLD    Sat Jun  3 14:27:38 2000
--- ip.c        Sat Jun  3 14:28:12 2000
***************
*** 440,457 ****
    struct udphdr *uh;
    struct icmp *icmph;
    char *ptop;
!   int mask, len, n, pri, logit, loglen, result;
    char logbuf[200];
  
    logit = (log_IsKept(LogTCPIP) || log_IsKept(LogDNS)) &&
            (!filter || filter->logok);
    loglen = 0;
    pri = 0;
  
    pip = (struct ip *)cp;
    uh = NULL;
  
!   if (logit && loglen < sizeof logbuf) {
      if (filter)
        snprintf(logbuf + loglen, sizeof logbuf - loglen, "%s ", filter->name);
      else
--- 440,458 ----
    struct udphdr *uh;
    struct icmp *icmph;
    char *ptop;
!   int mask, len, n, pri, logit, log_blocked, loglen, result;
    char logbuf[200];
  
    logit = (log_IsKept(LogTCPIP) || log_IsKept(LogDNS)) &&
            (!filter || filter->logok);
+   log_blocked = log_IsKept(LogBLOCKED) && filter->logok;
    loglen = 0;
    pri = 0;
  
    pip = (struct ip *)cp;
    uh = NULL;
  
!   if ((logit || log_blocked) && loglen < sizeof logbuf) {
      if (filter)
        snprintf(logbuf + loglen, sizeof logbuf - loglen, "%s ", filter->name);
      else
***************
*** 589,595 ****
    }
  
    if (filter && FilterCheck(pip, filter)) {
!     if (logit)
        log_Printf(LogTCPIP, "%s - BLOCKED\n", logbuf);
  #ifdef notdef
      if (direction == 0)
--- 590,598 ----
    }
  
    if (filter && FilterCheck(pip, filter)) {
!     if (log_blocked)
!       log_Printf(LogBLOCKED, "%s - BLOCKED\n", logbuf);
!     else if (logit)
        log_Printf(LogTCPIP, "%s - BLOCKED\n", logbuf);
  #ifdef notdef
      if (direction == 0)



*** log.h.OLD   Sat Jun  3 14:27:50 2000
--- log.h       Sat Jun  3 14:28:04 2000
***************
*** 28,57 ****
  
  #define LogMIN                (1)
  #define LogASYNC      (1)     /* syslog(LOG_INFO, ....)        */
! #define LogCBCP               (2)
! #define LogCCP                (3)
! #define LogCHAT               (4)
! #define LogCOMMAND    (5)
! #define LogCONNECT    (6)
! #define LogDEBUG      (7)     /* syslog(LOG_DEBUG, ....)       */
! #define LogDNS                (8)
! #define LogHDLC               (9)
! #define LogID0                (10)
! #define LogIPCP               (11)
! #define LogLCP                (12)
! #define LogLQM                (13)
! #define LogPHASE      (14)
! #define LogPHYSICAL   (15)    /* syslog(LOG_INFO, ....)        */
! #define LogSYNC               (16)    /* syslog(LOG_INFO, ....)        */
! #define LogTCPIP      (17)
! #define LogTIMER      (18)    /* syslog(LOG_DEBUG, ....)       */
! #define LogTUN                (19)    /* If set, tun%d is output with each message */
! #define LogWARN               (20)    /* Sent to VarTerm else syslog(LOG_WARNING, ) */
! #define LogERROR      (21)    /* syslog(LOG_ERR, ....), + sent to VarTerm */
! #define LogALERT      (22)    /* syslog(LOG_ALERT, ....)       */
  
! #define LogMAXCONF    (19)
! #define LogMAX                (22)
  
  struct mbuf;
  struct cmdargs;
--- 28,58 ----
  
  #define LogMIN                (1)
  #define LogASYNC      (1)     /* syslog(LOG_INFO, ....)        */
! #define LogBLOCKED    (2)
! #define LogCBCP               (3)
! #define LogCCP                (4)
! #define LogCHAT               (5)
! #define LogCOMMAND    (6)
! #define LogCONNECT    (7)
! #define LogDEBUG      (8)     /* syslog(LOG_DEBUG, ....)       */
! #define LogDNS                (9)
! #define LogHDLC               (10)
! #define LogID0                (11)
! #define LogIPCP               (12)
! #define LogLCP                (13)
! #define LogLQM                (14)
! #define LogPHASE      (15)
! #define LogPHYSICAL   (16)    /* syslog(LOG_INFO, ....)        */
! #define LogSYNC               (17)    /* syslog(LOG_INFO, ....)        */
! #define LogTCPIP      (18)
! #define LogTIMER      (19)    /* syslog(LOG_DEBUG, ....)       */
! #define LogTUN                (20)    /* If set, tun%d is output with each message */
! #define LogWARN               (21)    /* Sent to VarTerm else syslog(LOG_WARNING, ) */
! #define LogERROR      (22)    /* syslog(LOG_ERR, ....), + sent to VarTerm */
! #define LogALERT      (23)    /* syslog(LOG_ALERT, ....)       */
  
! #define LogMAXCONF    (20)
! #define LogMAX                (23)
  
  struct mbuf;
  struct cmdargs;


*** log.c.OLD   Sat Jun  3 14:27:44 2000
--- log.c       Sat Jun  3 14:27:57 2000
***************
*** 44,49 ****
--- 44,50 ----
  
  static const char * const LogNames[] = {
    "Async",
+   "Blocked",
    "CBCP",
    "CCP",
    "Chat",


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->brian 
Responsible-Changed-By: phk 
Responsible-Changed-When: Sat Jun 2 01:42:06 PDT 2001 
Responsible-Changed-Why:  
This is a ppp issue 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=18992 
State-Changed-From-To: open->closed 
State-Changed-By: brian 
State-Changed-When: Tue Jun 29 09:20:32 GMT 2004 
State-Changed-Why:  
This facility is already implemented (``set log filter''). 

http://www.freebsd.org/cgi/query-pr.cgi?pr=18992 
>Unformatted:
