kern/51082: FEATURE: More descriptive message on dropped tcp/udp attempts

Rene de Vries rene at tunix.nl
Thu Apr 17 01:20:10 PDT 2003


>Number:         51082
>Category:       kern
>Synopsis:       FEATURE: More descriptive message on dropped tcp/udp attempts
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Thu Apr 17 01:20:07 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator:     Rene de Vries
>Release:        FreeBSD 4.7-RELEASE-p3 i386 / FreeBSD 5.0-20030401 i386
>Organization:
Tunix Internet Security & Training
>Environment:
	FreeBSD 5.0/4.7
>Description:
	Produce a more descriptive message when a tcp/udp packet is
	dropped. For readability source and destination are reversed.
	For TCP the flags are named (the current hexadecimal output is
	unreadable for humans).
>How-To-Repeat:
>Fix:

Files:
	sys/netinet/tcp_input.c
	sys/netinet/udp_usrreq.c

Diff against FreeBSD 5 (current as of 01 Apr 2003):

Index: sys/netinet/tcp_input.c
===================================================================
RCS file: /home/fbsd-cvsrepo/src/sys/netinet/tcp_input.c,v
retrieving revision 1.202
diff -u -r1.202 tcp_input.c
--- sys/netinet/tcp_input.c	13 Mar 2003 11:46:57 -0000	1.202
+++ sys/netinet/tcp_input.c	1 Apr 2003 13:51:06 -0000
@@ -627,6 +627,21 @@
 				    dbuf, ntohs(th->th_dport), sbuf,
 				    ntohs(th->th_sport), thflags);
 				break;
+ 			case 3:
+ 				log(LOG_INFO,
+ 				"dropped TCP %s:%d -> %s:%d %c%c%c%c%c%c%c%c (0x%02x)\n", 
+ 					sbuf, ntohs(th->th_sport),
+	 				dbuf, ntohs(th->th_dport),
+ 					((thflags & TH_CWR)?'C':'-'),
+ 					((thflags & TH_ECE)?'E':'-'),
+ 					((thflags & TH_URG)?'U':'-'),
+ 					((thflags & TH_ACK)?'A':'-'),
+ 					((thflags & TH_PUSH)?'P':'-'),
+ 					((thflags & TH_RST)?'R':'-'),
+ 					((thflags & TH_SYN)?'S':'-'),
+ 					((thflags & TH_FIN)?'F':'-'),
+ 					thflags);
+  				break;
 			default:
 				break;
 			}

Index: sys/netinet/udp_usrreq.c
===================================================================
RCS file: /home/fbsd-cvsrepo/src/sys/netinet/udp_usrreq.c,v
retrieving revision 1.133
diff -u -r1.133 udp_usrreq.c
--- sys/netinet/udp_usrreq.c	19 Feb 2003 05:47:34 -0000	1.133
+++ sys/netinet/udp_usrreq.c	1 Apr 2003 13:51:06 -0000
@@ -355,10 +355,23 @@
 			char buf[4*sizeof "123"];
 
 			strcpy(buf, inet_ntoa(ip->ip_dst));
-			log(LOG_INFO,
-			    "Connection attempt to UDP %s:%d from %s:%d\n",
-			    buf, ntohs(uh->uh_dport), inet_ntoa(ip->ip_src),
-			    ntohs(uh->uh_sport));
+			switch (log_in_vain) {
+				case 1:
+					log(LOG_INFO,
+			    			"Connection attempt to UDP %s:%d from %s:%d\n",
+			    			buf, ntohs(uh->uh_dport), inet_ntoa(ip->ip_src),
+			    			ntohs(uh->uh_sport));
+					break;
+				case 2:
+					log(LOG_INFO,
+						"dropped UDP %s:%d -> %s:%d\n", 
+						inet_ntoa(ip->ip_src),
+						ntohs(uh->uh_sport),
+			    			buf, ntohs(uh->uh_dport));
+					break;
+				default:
+					break;
+			}
 		}
 		udpstat.udps_noport++;
 		if (m->m_flags & (M_BCAST | M_MCAST)) {

>Release-Note:
>Audit-Trail:
>Unformatted:


More information about the freebsd-bugs mailing list