[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    IP Filter 3.2alpha3
From:       Darren Reed <darrenr () cyber ! com ! au>
Date:       1997-03-31 11:14:28
[Download RAW message or body]


Well, after reading that the 0/32 wasn't working, I got back in there
and fixed that up (problem with the if_addr linked list walking), so
that's now working fine.

For those doing accounting, where applicable, I've added use of u_quad_t.
I don't know what is a good way to indentify if it is available (yet),
apart from using something like autoconf.

I also got down and completed the logging of NAT and state information.
A NAT mapping (and state information) is logged when it is first created
and when it is expired - NOT when it is deleted because of a flush.

ipmon has undergone a large amount of change to support this.  If you
use "ipmon -N", you should use "ipmon -n" with this version or later.
"ipmon -N" causes it to treat the input file as being a log of NAT log
records.  Similarly -S is used for state log records.  Both of these
should be used when you want to only read one log, with or without
using the -f command line option.  In normal use, if you have (say)
"ipmon -Ns", you would now use "ipmon -ans" to read all log devices,
resolve hostnames and send log info to syslogd.

I'll be open to ideas on how this can be improved/changed if people
think it would be better done in another way (a separate program for
each was going a bit far, I thought).

For now, the output looks like this:

31/03/1997 19:00:10.202230 STATE:NEW 10.0.0.1,2561 -> 10.1.0.1,23 PR tcp Pkts 1 Bytes 44
31/03/1997 19:00:42.190062 STATE:EXPIRE 10.0.0.1,2561 -> 10.1.0.1,23 PR tcp Pkts 52 Bytes 2368

I've uploaded a patch file as well as a new complete distribution.

For FreeBSD users, I'm upgrading to 2.2.1 this week and will start work on
making it work properly.

I'll also be committing this to -current for NetBSD and FreeBSD, sometime
this week.

Darren

ftp://coombs.anu.edu.au/pub/net/firewall/ip-filter/ip_fil3.2a3.tgz
ftp://coombs.anu.edu.au/pub/net/firewall/ip-filter/patch-3.2a3.gz

[prev in list] [next in list] [prev in thread] [next in thread]