Date: Thu, 17 Apr 2003 10:08:46 +0200 (CEST) From: Rene de Vries <rene@tunix.nl> To: FreeBSD-gnats-submit@FreeBSD.org Cc: hsu@FreeBSD.org Subject: kern/51082: FEATURE: More descriptive message on dropped tcp/udp attempts Message-ID: <200304170808.h3H88kpw052850@upsilix.tunix.nl> Resent-Message-ID: <200304170820.h3H8K8Wq059271@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 51082 >Category: kern >Synopsis: FEATURE: More descriptive message on dropped tcp/udp attempts >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Thu Apr 17 01:20:07 PDT 2003 >Closed-Date: >Last-Modified: >Originator: Rene de Vries >Release: FreeBSD 4.7-RELEASE-p3 i386 / FreeBSD 5.0-20030401 i386 >Organization: Tunix Internet Security & Training >Environment: FreeBSD 5.0/4.7 >Description: Produce a more descriptive message when a tcp/udp packet is dropped. For readability source and destination are reversed. For TCP the flags are named (the current hexadecimal output is unreadable for humans). >How-To-Repeat: >Fix: Files: sys/netinet/tcp_input.c sys/netinet/udp_usrreq.c Diff against FreeBSD 5 (current as of 01 Apr 2003): Index: sys/netinet/tcp_input.c =================================================================== RCS file: /home/fbsd-cvsrepo/src/sys/netinet/tcp_input.c,v retrieving revision 1.202 diff -u -r1.202 tcp_input.c --- sys/netinet/tcp_input.c 13 Mar 2003 11:46:57 -0000 1.202 +++ sys/netinet/tcp_input.c 1 Apr 2003 13:51:06 -0000 @@ -627,6 +627,21 @@ dbuf, ntohs(th->th_dport), sbuf, ntohs(th->th_sport), thflags); break; + case 3: + log(LOG_INFO, + "dropped TCP %s:%d -> %s:%d %c%c%c%c%c%c%c%c (0x%02x)\n", + sbuf, ntohs(th->th_sport), + dbuf, ntohs(th->th_dport), + ((thflags & TH_CWR)?'C':'-'), + ((thflags & TH_ECE)?'E':'-'), + ((thflags & TH_URG)?'U':'-'), + ((thflags & TH_ACK)?'A':'-'), + ((thflags & TH_PUSH)?'P':'-'), + ((thflags & TH_RST)?'R':'-'), + ((thflags & TH_SYN)?'S':'-'), + ((thflags & TH_FIN)?'F':'-'), + thflags); + break; default: break; } Index: sys/netinet/udp_usrreq.c =================================================================== RCS file: /home/fbsd-cvsrepo/src/sys/netinet/udp_usrreq.c,v retrieving revision 1.133 diff -u -r1.133 udp_usrreq.c --- sys/netinet/udp_usrreq.c 19 Feb 2003 05:47:34 -0000 1.133 +++ sys/netinet/udp_usrreq.c 1 Apr 2003 13:51:06 -0000 @@ -355,10 +355,23 @@ char buf[4*sizeof "123"]; strcpy(buf, inet_ntoa(ip->ip_dst)); - log(LOG_INFO, - "Connection attempt to UDP %s:%d from %s:%d\n", - buf, ntohs(uh->uh_dport), inet_ntoa(ip->ip_src), - ntohs(uh->uh_sport)); + switch (log_in_vain) { + case 1: + log(LOG_INFO, + "Connection attempt to UDP %s:%d from %s:%d\n", + buf, ntohs(uh->uh_dport), inet_ntoa(ip->ip_src), + ntohs(uh->uh_sport)); + break; + case 2: + log(LOG_INFO, + "dropped UDP %s:%d -> %s:%d\n", + inet_ntoa(ip->ip_src), + ntohs(uh->uh_sport), + buf, ntohs(uh->uh_dport)); + break; + default: + break; + } } udpstat.udps_noport++; if (m->m_flags & (M_BCAST | M_MCAST)) { >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200304170808.h3H88kpw052850>