diff options
| author | Kjell Wooding <kjell@cvs.openbsd.org> | 2000-08-10 05:50:28 +0000 |
|---|---|---|
| committer | Kjell Wooding <kjell@cvs.openbsd.org> | 2000-08-10 05:50:28 +0000 |
| commit | f6f9719d77e16be22cc895846d5a194bedc0a06c (patch) | |
| tree | 72ffe5baca00bf7f9e9b21455a0220c82f42babd /usr.sbin/ipmon | |
| parent | ad4cd1f6669755dfa5db6525909b031b9fee7918 (diff) | |
Import ipf 3.3.18. Fixes more problems with the in-kernel FTP proxy,
some nat state bugs, and ups the default state table size.
See sbin/ipf/HISTORY for details.
Diffstat (limited to 'usr.sbin/ipmon')
| -rw-r--r-- | usr.sbin/ipmon/ipmon.c | 67 |
1 files changed, 53 insertions, 14 deletions
diff --git a/usr.sbin/ipmon/ipmon.c b/usr.sbin/ipmon/ipmon.c index 31b42559040..6b38934dbaa 100644 --- a/usr.sbin/ipmon/ipmon.c +++ b/usr.sbin/ipmon/ipmon.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ipmon.c,v 1.23 2000/03/13 23:40:20 kjell Exp $ */ +/* $OpenBSD: ipmon.c,v 1.24 2000/08/10 05:50:27 kjell Exp $ */ /* * Copyright (C) 1993-1998 by Darren Reed. @@ -9,7 +9,7 @@ */ #if !defined(lint) static const char sccsid[] = "@(#)ipmon.c 1.21 6/5/96 (C)1993-1998 Darren Reed"; -static const char rcsid[] = "@(#)$IPFilter: ipmon.c,v 2.3.2.5 2000/02/16 14:40:39 darrenr Exp $"; +static const char rcsid[] = "@(#)$IPFilter: ipmon.c,v 2.3.2.6 2000/08/07 13:04:51 darrenr Exp $"; #endif #ifndef SOLARIS @@ -579,10 +579,11 @@ int blen; { tcphdr_t *tp; struct icmp *ic; + struct icmp *icmphdr; struct tm *tm; char *t, *proto; u_short hl, p; - int i, lvl, res, len; + int i, lvl, res, len, ipoff; ip_t *ipc, *ip; iplog_t *ipl; ipflog_t *ipf; @@ -713,19 +714,57 @@ int blen; ic->icmp_type == ICMP_REDIRECT || ic->icmp_type == ICMP_TIMXCEED) { ipc = &ic->icmp_ip; - tp = (tcphdr_t *)((char *)ipc + hl); - + i = ntohs(ipc->ip_len); + ipoff = ntohs(ipc->ip_off); proto = getproto(ipc->ip_p); - t += strlen(t); - (void) sprintf(t, " for %s,%s -", - hostname(res, ipc->ip_src), - portname(res, proto, (u_int)tp->th_sport)); - t += strlen(t); - (void) sprintf(t, " %s,%s PR %s len %hu %hu", - hostname(res, ipc->ip_dst), - portname(res, proto, (u_int)tp->th_dport), - proto, ipc->ip_hl << 2, ipc->ip_len); + if (!(ipoff & IP_OFFMASK) && + ((ipc->ip_p == IPPROTO_TCP) || + (ipc->ip_p == IPPROTO_UDP))) { + tp = (tcphdr_t *)((char *)ipc + hl); + + t += strlen(t); + (void) sprintf(t, " for %s,%s -", + hostname(res, ipc->ip_src), + portname(res, proto, + (u_int)tp->th_sport)); + t += strlen(t); + (void) sprintf(t, " %s,%s PR %s len %hu %hu", + hostname(res, ipc->ip_dst), + portname(res, proto, + (u_int)tp->th_dport), + proto, ipc->ip_hl << 2, ipc->ip_len); + } else if ((ipc->ip_p == IPPROTO_ICMP) && + !(ipoff & IP_OFFMASK)) { + icmphdr = (icmphdr_t *)((char *)ipc + hl); + + t += strlen(t); + (void) sprintf(t, " for %s -", + hostname(res, ipc->ip_src)); + t += strlen(t); + (void) sprintf(t, + " %s PR icmp len %hu %hu icmp %d/%d", + hostname(res, ipc->ip_dst), + ipc->ip_hl << 2, i, + icmphdr->icmp_type, icmphdr->icmp_code); + } else { + + t += strlen(t); + (void) sprintf(t, " for %s -", + hostname(res, ipc->ip_src)); + t += strlen(t); + (void) sprintf(t, " %s PR %s len %hu (%hu)", + hostname(res, ipc->ip_dst), + proto, ipc->ip_hl << 2, ipc->ip_len); + t += strlen(t); + if (ipc->ip_off & IP_OFFMASK) { + (void) sprintf(t, " frag %s%s%hu@%hu", + ipoff & IP_MF ? "+" : "", + ipoff & IP_DF ? "-" : "", + i - (ipc->ip_hl << 2), + (ipoff & IP_OFFMASK) << 3); + } + } } } else { (void) sprintf(t, "%s -> ", hostname(res, ip->ip_src)); |