author | Jakob Schlyter <jakob@cvs.openbsd.org> | 2001-09-03 13:27:15 +0000 |
---|---|---|
committer | Jakob Schlyter <jakob@cvs.openbsd.org> | 2001-09-03 13:27:15 +0000 |
commit | 4df9745024cd4f45d16111d2f509ad8090bfd5a2 (patch) | |
tree | 06e9cd56b345e5db223700cd9487b7ee906db42e | |
parent | f17e9eec44a37c71496040d73981d3f74089846c (diff) |
only print pf rules when using -e flag; <canacar@eee.metu.edu.tr>
-rw-r--r-- | usr.sbin/tcpdump/print-pflog.c | 25 | ||||
-rw-r--r-- | usr.sbin/tcpdump/tcpdump.8 | 8 |
2 files changed, 20 insertions, 13 deletions
diff --git a/usr.sbin/tcpdump/print-pflog.c b/usr.sbin/tcpdump/print-pflog.c index 22a352fe341..16b193c986f 100644 --- a/usr.sbin/tcpdump/print-pflog.c +++ b/usr.sbin/tcpdump/print-pflog.c @@ -1,4 +1,4 @@ -/* $OpenBSD: print-pflog.c,v 1.7 2001/07/17 20:36:00 provos Exp $ */ +/* $OpenBSD: print-pflog.c,v 1.8 2001/09/03 13:27:14 jakob Exp $ */ /* * Copyright (c) 1990, 1991, 1993, 1994, 1995, 1996 @@ -23,7 +23,7 @@ #ifndef lint static const char rcsid[] = - "@(#) $Header: /cvs/OpenBSD/src/usr.sbin/tcpdump/print-pflog.c,v 1.7 2001/07/17 20:36:00 provos Exp $ (LBL)"; + "@(#) $Header: /cvs/OpenBSD/src/usr.sbin/tcpdump/print-pflog.c,v 1.8 2001/09/03 13:27:14 jakob Exp $ (LBL)"; #endif #include <sys/param.h> @@ -81,20 +81,21 @@ pflog_if_print(u_char *user, const struct pcap_pkthdr *h, */ packetp = p; snapend = p + caplen; - - hdr = (struct pfloghdr *)p; - res = ntohs(hdr->reason); - why = (res < PFRES_MAX) ? pf_reasons[res] : "unkn"; + if (eflag) { + hdr = (struct pfloghdr *)p; - snprintf(reason, sizeof(reason), "%d(%s)", res, why); + res = ntohs(hdr->reason); + why = (res < PFRES_MAX) ? pf_reasons[res] : "unkn"; - printf("rule %d/%s: %s %s on %s: ", - (short)ntohs(hdr->rnr), reason, - ntohs(hdr->action) == PF_PASS ? "pass" : "block", - ntohs(hdr->dir) == PF_OUT ? "out" : "in", - hdr->ifname); + snprintf(reason, sizeof(reason), "%d(%s)", res, why); + printf("rule %d/%s: %s %s on %s: ", + (short)ntohs(hdr->rnr), reason, + ntohs(hdr->action) == PF_PASS ? "pass" : "block", + ntohs(hdr->dir) == PF_OUT ? "out" : "in", + hdr->ifname); + } length -= PFLOG_HDRLEN; ip = (struct ip *)(p + PFLOG_HDRLEN); ip_print((const u_char *)ip, length); diff --git a/usr.sbin/tcpdump/tcpdump.8 b/usr.sbin/tcpdump/tcpdump.8 index 1874c6185e0..acbddfd5079 100644 --- a/usr.sbin/tcpdump/tcpdump.8 +++ b/usr.sbin/tcpdump/tcpdump.8 
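Review bot: The `printf` that now sits inside `if (eflag)` still formats `hdr->ifname` with a bare `%s`, and that field is taken directly from the captured pflog header. A savefile or truncated capture whose name field has no NUL would make the read run past the field. If `ifname` is a fixed-size char array in `struct pfloghdr` (its declaration is not in this hunk), the conversion can be bounded by using `%.*s` in the format and passing `(int)sizeof(hdr->ifname), hdr->ifname`. The function starts before the hunk, so it is not visible whether `caplen` is compared with `PFLOG_HDRLEN` before the cast. If it is not, that check belongs ahead of both this block and the unconditional `length -= PFLOG_HDRLEN`.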
@@ -1,4 +1,4 @@ -.\" $OpenBSD: tcpdump.8,v 1.28 2001/09/03 13:25:53 jakob Exp $ +.\" $OpenBSD: tcpdump.8,v 1.29 2001/09/03 13:27:14 jakob Exp $ .\" .\" Copyright (c) 1987, 1988, 1989, 1990, 1991, 1992, 1994, 1995, 1996 .\" The Regents of the University of California. All rights reserved. @@ -952,6 +952,12 @@ option is given, the link level header is printed out. On Ethernets, the source and destination addresses, protocol, and packet length are printed. .Pp +On the packet filter logging interface +.Pa pflog , +logging reason (rule match, bad-offset, fragment, short, +normalize, memory), action taken (pass/block), direction (in/out) and interface +information is printed out for each packet. +.Pp On .Tn FDDI networks, the |