log pcap stats upon SIGUSR1; ok canacar

From: Dave Harrison <dave@nullcube.com>

2 files changed, 38 insertions, 12 deletions

diff --git a/sbin/pflogd/pflogd.8 b/sbin/pflogd/pflogd.8
index 1ce8b9a4cf3..6eef1e6453c 100644
--- a/sbin/pflogd/pflogd.8
+++ b/sbin/pflogd/pflogd.8
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: pflogd.8,v 1.36 2008/01/14 17:03:42 okan Exp $
+.\"	$OpenBSD: pflogd.8,v 1.37 2008/10/22 08:16:49 henning Exp $
 .\"
 .\" Copyright (c) 2001 Can Erkin Acar.  All rights reserved.
 .\"
@@ -24,7 +24,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: January 14 2008 $
+.Dd $Mdocdate: October 22 2008 $
 .Dt PFLOGD 8
 .Os
 .Sh NAME
@@ -95,6 +95,13 @@ or a
 .Dv SIGALRM
 is received.
 .Pp
+.Nm
+will also log the pcap statistics for the
+.Xr pflog 4
+interface to syslog when a
+.Dv SIGUSR1
+is received.
+.Pp
 The options are as follows:
 .Bl -tag -width Ds
 .It Fl D
diff --git a/sbin/pflogd/pflogd.c b/sbin/pflogd/pflogd.c
index cd7a273924a..ae133cb8bb6 100644
--- a/sbin/pflogd/pflogd.c
+++ b/sbin/pflogd/pflogd.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pflogd.c,v 1.45 2007/06/06 14:11:26 henning Exp $	*/
+/*	$OpenBSD: pflogd.c,v 1.46 2008/10/22 08:16:49 henning Exp $	*/
 
 /*
  * Copyright (c) 2001 Theo de Raadt
@@ -58,7 +58,7 @@ int Debug = 0;
 static int snaplen = DEF_SNAPLEN;
 static int cur_snaplen = DEF_SNAPLEN;
 
-volatile sig_atomic_t gotsig_close, gotsig_alrm, gotsig_hup;
+volatile sig_atomic_t gotsig_close, gotsig_alrm, gotsig_hup, gotsig_usr1;
 
 char *filename = PFLOGD_LOG_FILE;
 char *interface = PFLOGD_DEFAULT_IF;
@@ -72,6 +72,7 @@ unsigned int delay = FLUSH_DELAY;
 char *copy_argv(char * const *);
 void  dump_packet(u_char *, const struct pcap_pkthdr *, const u_char *);
 void  dump_packet_nobuf(u_char *, const struct pcap_pkthdr *, const u_char *);
+void  log_pcap_stats(void);
 int   flush_buffer(FILE *);
 int   if_exists(char *);
 int   init_pcap(void);
@@ -82,6 +83,7 @@ int   scan_dump(FILE *, off_t);
 int   set_snaplen(int);
 void  set_suspended(int);
 void  sig_alrm(int);
+void  sig_usr1(int);
 void  sig_close(int);
 void  sig_hup(int);
 void  usage(void);
@@ -179,6 +181,12 @@ sig_alrm(int sig)
 }
 
 void
+sig_usr1(int sig)
+{
+	gotsig_usr1 = 1;
+}
+
+void
 set_pcap_filter(void)
 {
 	struct bpf_program bprog;
@@ -550,10 +558,21 @@ dump_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *sp)
 	return;
 }
 
+void
+log_pcap_stats(void)
+{
+	struct pcap_stat pstat;
+	if (pcap_stats(hpcap, &pstat) < 0)
+		logmsg(LOG_WARNING, "Reading stats: %s", pcap_geterr(hpcap));
+	else
+		logmsg(LOG_NOTICE,
+			"%u packets received, %u/%u dropped (kernel/pflogd)",
+			pstat.ps_recv, pstat.ps_drop, packets_dropped);
+}
+
 int
 main(int argc, char **argv)
 {
-	struct pcap_stat pstat;
 	int ch, np, ret, Xflag = 0;
 	pcap_handler phandler = dump_packet;
 	const char *errstr = NULL;
@@ -648,6 +667,7 @@ main(int argc, char **argv)
 	signal(SIGINT, sig_close);
 	signal(SIGQUIT, sig_close);
 	signal(SIGALRM, sig_alrm);
+	signal(SIGUSR1, sig_usr1);
 	signal(SIGHUP, sig_hup);
 	alarm(delay);
 
@@ -703,6 +723,11 @@ main(int argc, char **argv)
 			gotsig_alrm = 0;
 			alarm(delay);
 		}
+
+		if (gotsig_usr1) {
+			log_pcap_stats();
+			gotsig_usr1 = 0;
+		}
 	}
 
 	logmsg(LOG_NOTICE, "Exiting");
@@ -712,13 +737,7 @@ main(int argc, char **argv)
 	}
 	purge_buffer();
 
-	if (pcap_stats(hpcap, &pstat) < 0)
-		logmsg(LOG_WARNING, "Reading stats: %s", pcap_geterr(hpcap));
-	else
-		logmsg(LOG_NOTICE,
-		    "%u packets received, %u/%u dropped (kernel/pflogd)",
-		    pstat.ps_recv, pstat.ps_drop, packets_dropped);
-
+	log_pcap_stats();
 	pcap_close(hpcap);
 	if (!Debug)
 		closelog();