diff options
author | nate <nate@FreeBSD.org> | 1996-07-09 20:49:38 +0000 |
---|---|---|
committer | nate <nate@FreeBSD.org> | 1996-07-09 20:49:38 +0000 |
commit | 20b7787b81708cc849e588e34006b20fee91909a (patch) | |
tree | b06dde464fac211e237b04303347534d8736a2e4 /sys | |
parent | f53b019e3b9c566c1558586c1ccda33019257a28 (diff) | |
download | FreeBSD-src-20b7787b81708cc849e588e34006b20fee91909a.zip FreeBSD-src-20b7787b81708cc849e588e34006b20fee91909a.tar.gz |
Functionality for IPFIREWALL_VERBOSE logging:
- State when we've reached the limit on a particular rule in the kernel logfile
- State when a rule or all rules have been zero'd.
This gives a log of all actions that occur w/regard to the firewall
occurances, and can explain why a particular break-in attempt might not
get logged due to the limit being reached.
Reviewed by: alex
Diffstat (limited to 'sys')
-rw-r--r-- | sys/netinet/ip_fw.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/sys/netinet/ip_fw.c b/sys/netinet/ip_fw.c index 1bcc57b..c8b34ff 100644 --- a/sys/netinet/ip_fw.c +++ b/sys/netinet/ip_fw.c @@ -12,7 +12,7 @@ * * This software is provided ``AS IS'' without any warranties of any kind. * - * $Id: ip_fw.c,v 1.42 1996/06/25 00:22:20 alex Exp $ + * $Id: ip_fw.c,v 1.43 1996/06/29 03:33:20 alex Exp $ */ /* @@ -252,6 +252,8 @@ ipfw_report(char *txt, int rule, struct ip *ip, int counter) if ((ip->ip_off & IP_OFFMASK)) printf(" Fragment = %d",ip->ip_off & IP_OFFMASK); printf("\n"); + if (fw_verbose_limit != 0 && counter == fw_verbose_limit) + printf("ipfw: limit reached on rule #%d\n", rule); } /* @@ -592,6 +594,10 @@ zero_entry(struct mbuf *m) } splx(s); + if ( frwl ) + printf("ipfw: Entry %d cleared.\n", frwl->fw_number); + else + printf("ipfw: Accounting cleared.\n"); return(0); } |