Log TCP syn packets for ports we don't listen on.

Controlled by: sysctl net.inet.tcp.log_in_vain: 1

Log UDP syn packets for ports we don't listen on.
Controlled by: sysctl net.inet.udp.log_in_vain: 1

Suggested by:	Warren Toomey <wkt@cs.adfa.oz.au>
This commit is contained in:
Poul-Henning Kamp 1996-04-04 10:46:44 +00:00
parent 0bb54c2df4
commit 816a3d836e
3 changed files with 37 additions and 5 deletions

View File

@ -31,7 +31,7 @@
* SUCH DAMAGE.
*
* @(#)tcp_input.c 8.12 (Berkeley) 5/24/95
* $Id: tcp_input.c,v 1.39 1996/03/22 18:09:20 wollman Exp $
* $Id: tcp_input.c,v 1.40 1996/03/25 20:13:21 wollman Exp $
*/
#ifndef TUBA_INCLUDE
@ -46,6 +46,7 @@
#include <sys/socket.h>
#include <sys/socketvar.h>
#include <sys/errno.h>
#include <sys/syslog.h>
#include <machine/cpu.h> /* before tcp_seq.h, for tcp_random18() */
@ -76,6 +77,10 @@ struct tcpstat tcpstat;
SYSCTL_STRUCT(_net_inet_tcp, TCPCTL_STATS, stats,
CTLFLAG_RD, &tcpstat , tcpstat, "");
static int log_in_vain = 1;
SYSCTL_INT(_net_inet_tcp, OID_AUTO, log_in_vain, CTLFLAG_RW,
&log_in_vain, 0, "");
u_long tcp_now;
struct inpcbhead tcb;
struct inpcbinfo tcbinfo;
@ -371,8 +376,14 @@ tcp_input(m, iphlen)
* If the TCB exists but is in CLOSED state, it is embryonic,
* but should either do a listen or a connect soon.
*/
if (inp == NULL)
if (inp == NULL) {
if (log_in_vain && tiflags & TH_SYN)
log(LOG_INFO, "Connection attempt to TCP %s:%d"
" from %s:%d\n",
inet_ntoa(ti->ti_dst), ntohs(ti->ti_dport),
inet_ntoa(ti->ti_src), ntohs(ti->ti_sport));
goto dropwithreset;
}
tp = intotcpcb(inp);
if (tp == 0)
goto dropwithreset;

View File

@ -31,7 +31,7 @@
* SUCH DAMAGE.
*
* @(#)tcp_input.c 8.12 (Berkeley) 5/24/95
* $Id: tcp_input.c,v 1.39 1996/03/22 18:09:20 wollman Exp $
* $Id: tcp_input.c,v 1.40 1996/03/25 20:13:21 wollman Exp $
*/
#ifndef TUBA_INCLUDE
@ -46,6 +46,7 @@
#include <sys/socket.h>
#include <sys/socketvar.h>
#include <sys/errno.h>
#include <sys/syslog.h>
#include <machine/cpu.h> /* before tcp_seq.h, for tcp_random18() */
@ -76,6 +77,10 @@ struct tcpstat tcpstat;
SYSCTL_STRUCT(_net_inet_tcp, TCPCTL_STATS, stats,
CTLFLAG_RD, &tcpstat , tcpstat, "");
static int log_in_vain = 1;
SYSCTL_INT(_net_inet_tcp, OID_AUTO, log_in_vain, CTLFLAG_RW,
&log_in_vain, 0, "");
u_long tcp_now;
struct inpcbhead tcb;
struct inpcbinfo tcbinfo;
@ -371,8 +376,14 @@ tcp_input(m, iphlen)
* If the TCB exists but is in CLOSED state, it is embryonic,
* but should either do a listen or a connect soon.
*/
if (inp == NULL)
if (inp == NULL) {
if (log_in_vain && tiflags & TH_SYN)
log(LOG_INFO, "Connection attempt to TCP %s:%d"
" from %s:%d\n",
inet_ntoa(ti->ti_dst), ntohs(ti->ti_dport),
inet_ntoa(ti->ti_src), ntohs(ti->ti_sport));
goto dropwithreset;
}
tp = intotcpcb(inp);
if (tp == 0)
goto dropwithreset;

View File

@ -31,7 +31,7 @@
* SUCH DAMAGE.
*
* @(#)udp_usrreq.c 8.6 (Berkeley) 5/23/95
* $Id: udp_usrreq.c,v 1.19 1995/12/16 02:14:22 bde Exp $
* $Id: udp_usrreq.c,v 1.20 1996/03/11 15:13:38 davidg Exp $
*/
#include <sys/param.h>
@ -46,6 +46,7 @@
#include <sys/stat.h>
#include <sys/kernel.h>
#include <sys/sysctl.h>
#include <sys/syslog.h>
#include <net/if.h>
#include <net/route.h>
@ -72,6 +73,10 @@ static int udpcksum = 0; /* XXX */
SYSCTL_INT(_net_inet_udp, UDPCTL_CHECKSUM, checksum, CTLFLAG_RW,
&udpcksum, 0, "");
static int log_in_vain = 1;
SYSCTL_INT(_net_inet_udp, OID_AUTO, log_in_vain, CTLFLAG_RW,
&log_in_vain, 0, "");
static struct inpcbhead udb; /* from udp_var.h */
static struct inpcbinfo udbinfo;
@ -274,6 +279,11 @@ udp_input(m, iphlen)
uh->uh_dport, INPLOOKUP_WILDCARD);
}
if (inp == NULL) {
if (log_in_vain)
log(LOG_INFO, "Connection attempt to UDP %s:%d"
" from %s:%d\n",
inet_ntoa(ip->ip_dst), ntohs(uh->uh_dport),
inet_ntoa(ip->ip_src), ntohs(uh->uh_sport));
udpstat.udps_noport++;
if (m->m_flags & (M_BCAST | M_MCAST)) {
udpstat.udps_noportbcast++;