Print this page
OS-7667 IPFilter needs to keep and report state for cloud firewall logging
Portions contributed by: Mike Gerdts <mike.gerdts@joyent.com>
@@ -5,13 +5,14 @@
*
* $Id: printfr.c,v 1.43.2.12 2005/06/12 07:18:42 darrenr Exp $
*
* Copyright 2008 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
+ * Copyright 2019 Joyent, Inc.
*/
-#pragma ident "%Z%%M% %I% %E% SMI"
+#include <uuid/uuid.h>
#include "ipf.h"
/*
* print the filter structure in a useful way
@@ -384,11 +385,12 @@
}
if (*fp->fr_grhead != '\0')
printf(" head %s", fp->fr_grhead);
if (*fp->fr_group != '\0')
printf(" group %s", fp->fr_group);
- if (fp->fr_logtag != FR_NOLOGTAG || *fp->fr_nattag.ipt_tag) {
+ if (fp->fr_logtag != FR_NOLOGTAG || *fp->fr_nattag.ipt_tag ||
+ (fp->fr_flags & FR_CFWLOG) || !uuid_is_null(fp->fr_uuid)) {
char *s = "";
printf(" set-tag(");
if (fp->fr_logtag != FR_NOLOGTAG) {
printf("log=%u", fp->fr_logtag);
@@ -395,11 +397,23 @@
s = ", ";
}
if (*fp->fr_nattag.ipt_tag) {
printf("%snat=%-.*s", s, IPFTAG_LEN,
fp->fr_nattag.ipt_tag);
+ s = ", ";
}
+ if (fp->fr_flags & FR_CFWLOG) {
+ printf("cfwlog");
+ s = ", ";
+ }
+
+ if (!uuid_is_null(fp->fr_uuid)) {
+ char uuid[UUID_PRINTABLE_STRING_LENGTH];
+
+ uuid_unparse(fp->fr_uuid, uuid);
+ printf("%suuid=%s", s, uuid);
+ }
printf(")");
}
if (fp->fr_pps)
printf(" pps %d", fp->fr_pps);
(void)putchar('\n');