summaryrefslogtreecommitdiff
path: root/sbin/pfctl
diff options
context:
space:
mode:
authorHenning Brauer <henning@cvs.openbsd.org>2003-11-14 13:51:10 +0000
committerHenning Brauer <henning@cvs.openbsd.org>2003-11-14 13:51:10 +0000
commitd6c1530015231325a381aabac30433d9d3f18330 (patch)
tree948c5324674a9990960029af561f8330c4a8d19d /sbin/pfctl
parentd640f78aa8497e5da55736c2aea326363903f981 (diff)
allow the debuglevel to be set from pf.conf (set debug)
ok cedric@
Diffstat (limited to 'sbin/pfctl')
-rw-r--r--sbin/pfctl/parse.y13
-rw-r--r--sbin/pfctl/pfctl.c33
-rw-r--r--sbin/pfctl/pfctl_parser.h3
3 files changed, 45 insertions, 4 deletions
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y
index de5ace0dc16..f2a17991b3e 100644
--- a/sbin/pfctl/parse.y
+++ b/sbin/pfctl/parse.y
@@ -1,4 +1,4 @@
-/* $OpenBSD: parse.y,v 1.421 2003/11/08 00:45:34 mcbride Exp $ */
+/* $OpenBSD: parse.y,v 1.422 2003/11/14 13:51:09 henning Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
@@ -367,7 +367,7 @@ typedef struct {
%token NOROUTE FRAGMENT USER GROUP MAXMSS MAXIMUM TTL TOS DROP TABLE
%token REASSEMBLE FRAGDROP FRAGCROP ANCHOR NATANCHOR RDRANCHOR BINATANCHOR
%token SET OPTIMIZATION TIMEOUT LIMIT LOGINTERFACE BLOCKPOLICY RANDOMID
-%token REQUIREORDER SYNPROXY FINGERPRINTS NOSYNC
+%token REQUIREORDER SYNPROXY FINGERPRINTS NOSYNC DEBUG
%token ANTISPOOF FOR
%token BITMASK RANDOM SOURCEHASH ROUNDROBIN STATICPORT
%token ALTQ CBQ PRIQ HFSC BANDWIDTH TBRSIZE LINKSHARE REALTIME UPPERLIMIT
@@ -490,6 +490,14 @@ option : SET OPTIMIZATION STRING {
YYERROR;
}
}
+ | SET DEBUG STRING {
+ if (check_rulestate(PFCTL_STATE_OPTION))
+ YYERROR;
+ if (pfctl_set_debug(pf, $3) != 0) {
+ yyerror("error setting debuglevel %s", $3);
+ YYERROR;
+ }
+ }
;
string : string STRING {
@@ -3932,6 +3940,7 @@ lookup(char *s)
{ "cbq", CBQ},
{ "code", CODE},
{ "crop", FRAGCROP},
+ { "debug", DEBUG},
{ "drop", DROP},
{ "drop-ovl", FRAGDROP},
{ "dup-to", DUPTO},
diff --git a/sbin/pfctl/pfctl.c b/sbin/pfctl/pfctl.c
index f69649c84d4..e615d24ea60 100644
--- a/sbin/pfctl/pfctl.c
+++ b/sbin/pfctl/pfctl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfctl.c,v 1.191 2003/11/06 15:01:30 henning Exp $ */
+/* $OpenBSD: pfctl.c,v 1.192 2003/11/14 13:51:09 henning Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -1160,6 +1160,37 @@ pfctl_set_logif(struct pfctl *pf, char *ifname)
}
int
+pfctl_set_debug(struct pfctl *pf, char *d)
+{
+ u_int32_t level;
+
+ if ((loadopt & PFCTL_FLAG_OPTION) == 0)
+ return (0);
+
+ if (!strcmp(d, "none"))
+ level = PF_DEBUG_NONE;
+ else if (!strcmp(d, "urgent"))
+ level = PF_DEBUG_URGENT;
+ else if (!strcmp(d, "misc"))
+ level = PF_DEBUG_MISC;
+ else if (!strcmp(d, "loud"))
+ level = PF_DEBUG_NOISY;
+ else {
+ warnx("unknown debug level \"%s\"", d);
+ return (-1);
+ }
+
+ if ((pf->opts & PF_OPT_NOACTION) == 0)
+ if (ioctl(dev, DIOCSETDEBUG, &level))
+ err(1, "DIOCSETDEBUG");
+
+ if (pf->opts & PF_OPT_VERBOSE)
+ printf("set debug %s\n", d);
+
+ return (0);
+}
+
+int
pfctl_debug(int dev, u_int32_t level, int opts)
{
if (ioctl(dev, DIOCSETDEBUG, &level))
diff --git a/sbin/pfctl/pfctl_parser.h b/sbin/pfctl/pfctl_parser.h
index e8fa349c987..ebe2c14eae1 100644
--- a/sbin/pfctl/pfctl_parser.h
+++ b/sbin/pfctl/pfctl_parser.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfctl_parser.h,v 1.68 2003/09/26 21:44:09 cedric Exp $ */
+/* $OpenBSD: pfctl_parser.h,v 1.69 2003/11/14 13:51:09 henning Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -154,6 +154,7 @@ int pfctl_set_timeout(struct pfctl *, const char *, int, int);
int pfctl_set_optimization(struct pfctl *, const char *);
int pfctl_set_limit(struct pfctl *, const char *, unsigned int);
int pfctl_set_logif(struct pfctl *, char *);
+int pfctl_set_debug(struct pfctl *, char *);
int parse_rules(FILE *, struct pfctl *);
int parse_flags(char *);