In r343587 a simple port filter as sysctl tunable was added to siftr.

The new sysctl was not added to the siftr.4 man page at the time. This updates the man page, and removes one left over trailing whitespace. Submitted by: Richard Scheffenegger Reviewed by: bcr@ MFC after: 3 days Differential Revision: https://reviews.freebsd.org/D21619
2019-10-07 20:35:04 +00:00 · 2019-10-07 20:35:04 +00:00 · 746c7ae563
commit 746c7ae563
parent c43f30ee6b
2 changed files with 10 additions and 2 deletions
--- a/share/man/man4/siftr.4
+++ b/share/man/man4/siftr.4
@ -30,7 +30,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd March 18, 2015
+.Dd October 7, 2019
 .Dt SIFTR 4
 .Os
 .Sh NAME
@ -131,6 +131,14 @@ The hashes are useful to correlate which TCP packet triggered the generation of
 a particular log message, but calculating them adds additional computational
 overhead into the fast path.
 .El
+.Bl -tag -offset indent -width Va
+.It Va net.inet.siftr.port_filter
+controls on which source or destination port siftr should capture
+.Nm .
+By default, the value is set to 0, which means all ports are eligible for logging.
+Set to any other value, only packets where either the source or destination
+port is equal to this number are logged.
+.El
 .Ss Log Format
 A typical
 .Nm
--- a/sys/netinet/siftr.c
+++ b/sys/netinet/siftr.c
@ -918,7 +918,7 @@ siftr_chkpkt(struct mbuf **m, struct ifnet *ifp, int flags,
 	 * Only pkts selected by the tcp port filter
 	 * can be inserted into the pkt_queue
 	 */
-	if ((siftr_port_filter != 0) && 
+	if ((siftr_port_filter != 0) &&
 	    (siftr_port_filter != ntohs(inp->inp_lport)) &&
 	    (siftr_port_filter != ntohs(inp->inp_fport))) {
 		goto inp_unlock;