Make -log_ipfw_denied active by default with -verbose.

Discussed with: phk
2001-11-27 11:06:02 +00:00 · 2001-11-27 11:06:02 +00:00 · c0956cf876
commit c0956cf876
parent 3843533e18
2 changed files with 8 additions and 1 deletions
--- a/sbin/natd/natd.8
+++ b/sbin/natd/natd.8
@ -466,6 +466,8 @@ The range will be cleared for all rules on startup.
 Log when a packet can not be re-injected because an
 .Xr ipfw 8
 rule blocks it.
+This is the default with
+.Fl verbose .
 .El
 .Sh RUNNING NATD
 The following steps are necessary before attempting to run
--- a/sbin/natd/natd.c
+++ b/sbin/natd/natd.c
@ -161,7 +161,7 @@ int main (int argc, char** argv)
 	dynamicMode		= 0;
 	logDropped		= 0;
 	logFacility		= LOG_DAEMON;
-	logIpfwDenied		= 0;
+	logIpfwDenied		= -1;
 /*
 * Mark packet buffer empty.
 */
@ -169,6 +169,11 @@ int main (int argc, char** argv)
 	packetDirection		= DONT_KNOW;

 	ParseArgs (argc, argv);
+/*
+ * Log ipfw(8) denied packets by default in verbose mode.
+ */
+	if (logIpfwDenied == -1)
+		logIpfwDenied = verbose;
 /*
 * Open syslog channel.
 */