IP Filter/Accounting rule number patch

Roy Hooper (xx016@staff3.ncf.carleton.ca)
Tue, 19 Nov 1996 14:29:36 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: KRSE: "Re: Cyrix 6x86"
Previous message: Alan Cox: "Re: real POSIX.1b semaphores"

I needed a way to see what rule(s) were being triggered by what activity.
Here's the patch I applied to ip_fw.c:

*** ip_fw.c.original Tue Oct 29 15:02:19 1996
--- ip_fw.c Tue Oct 29 15:03:59 1996
***************
*** 213,218 ****
--- 213,219 ----
char notcpsyn=0, notcpack=0, match;
unsigned short offset;
int answer;
+ unsigned long count;
unsigned char tosand, tosxor;

/*
***************
*** 334,341 ****
--- 335,344 ----
dprintf1("\n");
#endif

+ count=0; /* reset rule count */
for (f=chain;f;f=f->fw_next)
{
+ count++;
/*
* This is a bit simpler as we don't have to walk
* an interface chain as you do in BSD - same logic
***************
*** 478,483 ****
--- 481,487 ----
else
printk("deny ");
}
+ printk("#%d ", count);
printk(rif ? rif->name : "-");
switch(ip->protocol)
{

--
Roy Hooper                   rhooper@freenet.carleton.ca
System Administrator,        "Mom!  I let my mind wander and 
National Capital Freenet     it didn't come back!" - Bill Waterson

Next message: KRSE: "Re: Cyrix 6x86"
Previous message: Alan Cox: "Re: real POSIX.1b semaphores"