kern/51082: FEATURE: More descriptive message on dropped tcp/udp
attempts
Rene de Vries
rene at tunix.nl
Thu Apr 17 01:20:10 PDT 2003
>Number: 51082
>Category: kern
>Synopsis: FEATURE: More descriptive message on dropped tcp/udp attempts
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Thu Apr 17 01:20:07 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator: Rene de Vries
>Release: FreeBSD 4.7-RELEASE-p3 i386 / FreeBSD 5.0-20030401 i386
>Organization:
Tunix Internet Security & Training
>Environment:
FreeBSD 5.0/4.7
>Description:
Produce a more descriptive message when a tcp/udp packet is
dropped. For readability source and destination are reversed.
For TCP the flags are named (the current hexadecimal output is
unreadable for humans).
>How-To-Repeat:
>Fix:
Files:
sys/netinet/tcp_input.c
sys/netinet/udp_usrreq.c
Diff against FreeBSD 5 (current as of 01 Apr 2003):
Index: sys/netinet/tcp_input.c
===================================================================
RCS file: /home/fbsd-cvsrepo/src/sys/netinet/tcp_input.c,v
retrieving revision 1.202
diff -u -r1.202 tcp_input.c
--- sys/netinet/tcp_input.c 13 Mar 2003 11:46:57 -0000 1.202
+++ sys/netinet/tcp_input.c 1 Apr 2003 13:51:06 -0000
@@ -627,6 +627,21 @@
dbuf, ntohs(th->th_dport), sbuf,
ntohs(th->th_sport), thflags);
break;
+ case 3:
+ log(LOG_INFO,
+ "dropped TCP %s:%d -> %s:%d %c%c%c%c%c%c%c%c (0x%02x)\n",
+ sbuf, ntohs(th->th_sport),
+ dbuf, ntohs(th->th_dport),
+ ((thflags & TH_CWR)?'C':'-'),
+ ((thflags & TH_ECE)?'E':'-'),
+ ((thflags & TH_URG)?'U':'-'),
+ ((thflags & TH_ACK)?'A':'-'),
+ ((thflags & TH_PUSH)?'P':'-'),
+ ((thflags & TH_RST)?'R':'-'),
+ ((thflags & TH_SYN)?'S':'-'),
+ ((thflags & TH_FIN)?'F':'-'),
+ thflags);
+ break;
default:
break;
}
Index: sys/netinet/udp_usrreq.c
===================================================================
RCS file: /home/fbsd-cvsrepo/src/sys/netinet/udp_usrreq.c,v
retrieving revision 1.133
diff -u -r1.133 udp_usrreq.c
--- sys/netinet/udp_usrreq.c 19 Feb 2003 05:47:34 -0000 1.133
+++ sys/netinet/udp_usrreq.c 1 Apr 2003 13:51:06 -0000
@@ -355,10 +355,23 @@
char buf[4*sizeof "123"];
strcpy(buf, inet_ntoa(ip->ip_dst));
- log(LOG_INFO,
- "Connection attempt to UDP %s:%d from %s:%d\n",
- buf, ntohs(uh->uh_dport), inet_ntoa(ip->ip_src),
- ntohs(uh->uh_sport));
+ switch (log_in_vain) {
+ case 1:
+ log(LOG_INFO,
+ "Connection attempt to UDP %s:%d from %s:%d\n",
+ buf, ntohs(uh->uh_dport), inet_ntoa(ip->ip_src),
+ ntohs(uh->uh_sport));
+ break;
+ case 2:
+ log(LOG_INFO,
+ "dropped UDP %s:%d -> %s:%d\n",
+ inet_ntoa(ip->ip_src),
+ ntohs(uh->uh_sport),
+ buf, ntohs(uh->uh_dport));
+ break;
+ default:
+ break;
+ }
}
udpstat.udps_noport++;
if (m->m_flags & (M_BCAST | M_MCAST)) {
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list