diff options
| author | Max Laier <mlaier@FreeBSD.org> | 2009-08-18 16:13:59 +0000 |
|---|---|---|
| committer | Max Laier <mlaier@FreeBSD.org> | 2009-08-18 16:13:59 +0000 |
| commit | 739de636d7c95255cef4fc68a2c80cd8af54e502 (patch) | |
| tree | 5fe04cbe5c5d58503b8de083ec567a80fad7da80 /pflogd | |
| parent | 89a3159080a774bd9de50eaf1861a1f0c1657a9f (diff) | |
Notes
Diffstat (limited to 'pflogd')
| -rw-r--r-- | pflogd/Makefile | 2 | ||||
| -rw-r--r-- | pflogd/pflogd.8 | 9 | ||||
| -rw-r--r-- | pflogd/pflogd.c | 37 | ||||
| -rw-r--r-- | pflogd/pflogd.h | 2 | ||||
| -rw-r--r-- | pflogd/privsep.c | 2 | ||||
| -rw-r--r-- | pflogd/privsep_fdpass.c | 2 |
6 files changed, 40 insertions, 14 deletions
diff --git a/pflogd/Makefile b/pflogd/Makefile index 377cad99635b..e5383e35f6c5 100644 --- a/pflogd/Makefile +++ b/pflogd/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.7 2006/11/26 11:31:08 deraadt Exp $ +# $OpenBSD: Makefile,v 1.6 2003/11/20 23:23:09 avsm Exp $ CFLAGS+=-Wall -Wmissing-prototypes -Wshadow LDADD+= -lpcap -lutil diff --git a/pflogd/pflogd.8 b/pflogd/pflogd.8 index e16f866ea85b..783559e0943a 100644 --- a/pflogd/pflogd.8 +++ b/pflogd/pflogd.8 @@ -24,7 +24,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: May 31 2007 $ +.Dd $Mdocdate: January 14 2008 $ .Dt PFLOGD 8 .Os .Sh NAME @@ -95,6 +95,13 @@ or a .Dv SIGALRM is received. .Pp +.Nm +will also log the pcap statistics for the +.Xr pflog 4 +interface to syslog when a +.Dv SIGUSR1 +is received. +.Pp The options are as follows: .Bl -tag -width Ds .It Fl D diff --git a/pflogd/pflogd.c b/pflogd/pflogd.c index cd7a273924ae..302635be21f7 100644 --- a/pflogd/pflogd.c +++ b/pflogd/pflogd.c @@ -58,7 +58,7 @@ int Debug = 0; static int snaplen = DEF_SNAPLEN; static int cur_snaplen = DEF_SNAPLEN; -volatile sig_atomic_t gotsig_close, gotsig_alrm, gotsig_hup; +volatile sig_atomic_t gotsig_close, gotsig_alrm, gotsig_hup, gotsig_usr1; char *filename = PFLOGD_LOG_FILE; char *interface = PFLOGD_DEFAULT_IF; @@ -72,6 +72,7 @@ unsigned int delay = FLUSH_DELAY; char *copy_argv(char * const *); void dump_packet(u_char *, const struct pcap_pkthdr *, const u_char *); void dump_packet_nobuf(u_char *, const struct pcap_pkthdr *, const u_char *); +void log_pcap_stats(void); int flush_buffer(FILE *); int if_exists(char *); int init_pcap(void); @@ -82,6 +83,7 @@ int scan_dump(FILE *, off_t); int set_snaplen(int); void set_suspended(int); void sig_alrm(int); +void sig_usr1(int); void sig_close(int); void sig_hup(int); void usage(void); @@ -179,6 +181,12 @@ sig_alrm(int sig) } void +sig_usr1(int sig) +{ + gotsig_usr1 = 1; +} + +void set_pcap_filter(void) { struct bpf_program bprog; @@ -550,10 +558,21 @@ dump_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *sp) return; } +void +log_pcap_stats(void) +{ + struct pcap_stat pstat; + if (pcap_stats(hpcap, &pstat) < 0) + logmsg(LOG_WARNING, "Reading stats: %s", pcap_geterr(hpcap)); + else + logmsg(LOG_NOTICE, + "%u packets received, %u/%u dropped (kernel/pflogd)", + pstat.ps_recv, pstat.ps_drop, packets_dropped); +} + int main(int argc, char **argv) { - struct pcap_stat pstat; int ch, np, ret, Xflag = 0; pcap_handler phandler = dump_packet; const char *errstr = NULL; @@ -648,6 +667,7 @@ main(int argc, char **argv) signal(SIGINT, sig_close); signal(SIGQUIT, sig_close); signal(SIGALRM, sig_alrm); + signal(SIGUSR1, sig_usr1); signal(SIGHUP, sig_hup); alarm(delay); @@ -703,6 +723,11 @@ main(int argc, char **argv) gotsig_alrm = 0; alarm(delay); } + + if (gotsig_usr1) { + log_pcap_stats(); + gotsig_usr1 = 0; + } } logmsg(LOG_NOTICE, "Exiting"); @@ -712,13 +737,7 @@ main(int argc, char **argv) } purge_buffer(); - if (pcap_stats(hpcap, &pstat) < 0) - logmsg(LOG_WARNING, "Reading stats: %s", pcap_geterr(hpcap)); - else - logmsg(LOG_NOTICE, - "%u packets received, %u/%u dropped (kernel/pflogd)", - pstat.ps_recv, pstat.ps_drop, packets_dropped); - + log_pcap_stats(); pcap_close(hpcap); if (!Debug) closelog(); diff --git a/pflogd/pflogd.h b/pflogd/pflogd.h index 596e69692614..967f44a24afa 100644 --- a/pflogd/pflogd.h +++ b/pflogd/pflogd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pflogd.h,v 1.3 2006/01/15 16:38:04 canacar Exp $ */ +/* $OpenBSD: pflogd.h,v 1.2 2004/01/15 20:15:14 canacar Exp $ */ /* * Copyright (c) 2003 Can Erkin Acar diff --git a/pflogd/privsep.c b/pflogd/privsep.c index 1139cb40f96b..bba6b868f725 100644 --- a/pflogd/privsep.c +++ b/pflogd/privsep.c @@ -1,4 +1,4 @@ -/* $OpenBSD: privsep.c,v 1.16 2006/10/25 20:55:04 moritz Exp $ */ +/* $OpenBSD: privsep.c,v 1.15 2006/03/06 10:45:56 djm Exp $ */ /* * Copyright (c) 2003 Can Erkin Acar diff --git a/pflogd/privsep_fdpass.c b/pflogd/privsep_fdpass.c index 0e6c3c4c1e80..ed56c0b6f4fb 100644 --- a/pflogd/privsep_fdpass.c +++ b/pflogd/privsep_fdpass.c @@ -1,4 +1,4 @@ -/* $OpenBSD: privsep_fdpass.c,v 1.5 2008/03/24 16:11:08 deraadt Exp $ */ +/* $OpenBSD: privsep_fdpass.c,v 1.4 2008/03/15 16:19:02 deraadt Exp $ */ /* * Copyright 2001 Niels Provos <provos@citi.umich.edu> |