Download raw body.
Stop logging to syslog when an IPv6 packet cannot be forwarded.
IPv4 does not do this and it is one of thousands of things that can go
wrong and we do not log those either.
With that net.inet6.ip6.log_interval can go.
OK?
diff --git lib/libc/sys/sysctl.2 lib/libc/sys/sysctl.2
index bd31f3aa0f4..b4a34f2748c 100644
--- lib/libc/sys/sysctl.2
+++ lib/libc/sys/sysctl.2
@@ -1849,7 +1849,6 @@ The currently defined protocols and names are:
.It ip6 Ta forwarding Ta integer Ta yes
.It ip6 Ta hdrnestlimit Ta integer Ta yes
.It ip6 Ta hlim Ta integer Ta yes
-.It ip6 Ta log_interval Ta integer Ta yes
.It ip6 Ta maxdynroutes Ta integer Ta yes
.It ip6 Ta maxfragpackets Ta integer Ta yes
.It ip6 Ta maxfrags Ta integer Ta yes
@@ -1973,12 +1972,6 @@ This value applies to all the transport protocols on top of IPv6.
Methods for overriding this value are documented in
.Xr ip6 4 .
.Pp
-.It Li ip6.log_interval Pq Va net.inet6.ip6.log_interval
-This variable permits adjusting the amount of logs generated by the
-IPv6 packet forwarding engine.
-The value indicates the number of
-seconds of interval which must elapse between log output.
-.Pp
.It Li ip6.maxdynroutes Pq Va net.inet6.ip6.maxdynroutes
Maximum number of routes created by redirect.
Set to negative to disable.
diff --git sys/netinet6/in6.h sys/netinet6/in6.h
index b3b7c28fc04..a6826e8756e 100644
--- sys/netinet6/in6.h
+++ sys/netinet6/in6.h
@@ -616,7 +616,7 @@ ifatoia6(struct ifaddr *ifa)
{ "sourcecheck_logint", CTLTYPE_INT }, \
{ 0, 0 }, \
{ 0, 0 }, \
- { "log_interval", CTLTYPE_INT }, \
+ { 0, 0 }, \
{ "hdrnestlimit", CTLTYPE_INT }, \
{ "dad_count", CTLTYPE_INT }, \
{ "auto_flowlabel", CTLTYPE_INT }, \
diff --git sys/netinet6/in6_proto.c sys/netinet6/in6_proto.c
index cf78a56d460..1f13bba4191 100644
--- sys/netinet6/in6_proto.c
+++ sys/netinet6/in6_proto.c
@@ -357,7 +357,6 @@ int ip6_defhlim = IPV6_DEFHLIM; /* [a] */
int ip6_defmcasthlim = IPV6_DEFAULT_MULTICAST_HOPS; /* [a] */
int ip6_maxfragpackets = 200; /* [a] */
int ip6_maxfrags = 200; /* [a] */
-int ip6_log_interval = 5; /* [a] */
int ip6_hdrnestlimit = 10; /* [a] appropriate? */
int ip6_dad_count = 1; /* [a] DupAddrDetectionTransmits */
int ip6_dad_pending; /* number of currently running DADs */
@@ -365,7 +364,6 @@ int ip6_auto_flowlabel = 1; /* [a] */
int ip6_mcast_pmtu = 0; /* [a] enable pMTU discovery for multicast? */
int ip6_neighborgcthresh = 2048; /* [a] Threshold # of NDP entries for GC */
int ip6_maxdynroutes = 4096; /* [a] Max # of routes created via redirect */
-time_t ip6_log_time = (time_t)0L;
/* raw IP6 parameters */
/*
diff --git sys/netinet6/ip6_forward.c sys/netinet6/ip6_forward.c
index 3d65103d8bb..672c02b329d 100644
--- sys/netinet6/ip6_forward.c
+++ sys/netinet6/ip6_forward.c
@@ -94,7 +94,6 @@ ip6_forward(struct mbuf *m, struct route *ro, int flags)
#ifdef IPSEC
struct tdb *tdb = NULL;
#endif /* IPSEC */
- char src6[INET6_ADDRSTRLEN], dst6[INET6_ADDRSTRLEN];
/*
* Do not forward packets to multicast destination (should be handled
@@ -105,21 +104,7 @@ ip6_forward(struct mbuf *m, struct route *ro, int flags)
if ((m->m_flags & (M_BCAST|M_MCAST)) != 0 ||
IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) ||
IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_src)) {
- time_t uptime;
-
ip6stat_inc(ip6s_cantforward);
- uptime = getuptime();
-
- if (ip6_log_time + atomic_load_int(&ip6_log_interval) <
- uptime) {
- ip6_log_time = uptime;
- inet_ntop(AF_INET6, &ip6->ip6_src, src6, sizeof(src6));
- inet_ntop(AF_INET6, &ip6->ip6_dst, dst6, sizeof(dst6));
- log(LOG_DEBUG,
- "cannot forward "
- "from %s to %s nxt %d received on interface %u\n",
- src6, dst6, ip6->ip6_nxt, ifidx);
- }
m_freem(m);
goto done;
}
@@ -222,22 +207,8 @@ reroute:
*/
if (in6_addr2scopeid(ifidx, &ip6->ip6_src) !=
in6_addr2scopeid(rt->rt_ifidx, &ip6->ip6_src)) {
- time_t uptime;
-
ip6stat_inc(ip6s_cantforward);
ip6stat_inc(ip6s_badscope);
- uptime = getuptime();
-
- if (ip6_log_time + atomic_load_int(&ip6_log_interval) <
- uptime) {
- ip6_log_time = uptime;
- inet_ntop(AF_INET6, &ip6->ip6_src, src6, sizeof(src6));
- inet_ntop(AF_INET6, &ip6->ip6_dst, dst6, sizeof(dst6));
- log(LOG_DEBUG,
- "cannot forward "
- "src %s, dst %s, nxt %d, rcvif %u, outif %u\n",
- src6, dst6, ip6->ip6_nxt, ifidx, rt->rt_ifidx);
- }
type = ICMP6_DST_UNREACH;
code = ICMP6_DST_UNREACH_BEYONDSCOPE;
m_freem(m);
diff --git sys/netinet6/ip6_input.c sys/netinet6/ip6_input.c
index f7d89316c8d..37680d7fe52 100644
--- sys/netinet6/ip6_input.c
+++ sys/netinet6/ip6_input.c
@@ -1447,7 +1447,6 @@ const struct sysctl_bounded_args ipv6ctl_vars[] = {
#endif
{ IPV6CTL_DEFHLIM, &ip6_defhlim, 0, 255 },
{ IPV6CTL_MAXFRAGPACKETS, &ip6_maxfragpackets, 0, 1000 },
- { IPV6CTL_LOG_INTERVAL, &ip6_log_interval, 0, INT_MAX },
{ IPV6CTL_HDRNESTLIMIT, &ip6_hdrnestlimit, 0, 100 },
{ IPV6CTL_DAD_COUNT, &ip6_dad_count, 0, 10 },
{ IPV6CTL_AUTO_FLOWLABEL, &ip6_auto_flowlabel, 0, 1 },
diff --git sys/netinet6/ip6_mroute.c sys/netinet6/ip6_mroute.c
index 3b0b54af5ca..b942728b407 100644
--- sys/netinet6/ip6_mroute.c
+++ sys/netinet6/ip6_mroute.c
@@ -951,18 +951,6 @@ ip6_mforward(struct ip6_hdr *ip6, struct ifnet *ifp, struct mbuf *m, int flags)
*/
if (IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_src)) {
ip6stat_inc(ip6s_cantforward);
- if (ip6_log_time + atomic_load_int(&ip6_log_interval) <
- getuptime()) {
- char src[INET6_ADDRSTRLEN], dst[INET6_ADDRSTRLEN];
-
- ip6_log_time = getuptime();
-
- inet_ntop(AF_INET6, &ip6->ip6_src, src, sizeof(src));
- inet_ntop(AF_INET6, &ip6->ip6_dst, dst, sizeof(dst));
- log(LOG_DEBUG, "cannot forward "
- "from %s to %s nxt %d received on interface %u\n",
- src, dst, ip6->ip6_nxt, m->m_pkthdr.ph_ifidx);
- }
return 0;
}
diff --git sys/netinet6/ip6_var.h sys/netinet6/ip6_var.h
index aff1126c9ee..37f733dfd7d 100644
--- sys/netinet6/ip6_var.h
+++ sys/netinet6/ip6_var.h
@@ -289,8 +289,6 @@ extern struct socket *ip6_mrouter[RT_TABLEID_MAX + 1]; /* multicast routing daem
extern int ip6_sendredirects; /* send IP redirects when forwarding? */
extern int ip6_maxfragpackets; /* Maximum packets in reassembly queue */
extern int ip6_maxfrags; /* Maximum fragments in reassembly queue */
-extern int ip6_log_interval;
-extern time_t ip6_log_time;
extern int ip6_hdrnestlimit; /* upper limit of # of extension headers */
extern int ip6_dad_count; /* DupAddrDetectionTransmits */
extern int ip6_dad_pending; /* number of currently running DADs */
--
In my defence, I have been left unsupervised.
Stop logging to syslog when an IPv6 packet cannot be forwarded.