add more debugging

author Alan T. DeKok <aland@freeradius.org>

Wed, 10 Jan 2024 22:24:41 +0000 (17:24 -0500)

committer Alan T. DeKok <aland@freeradius.org>

Wed, 10 Jan 2024 22:24:50 +0000 (17:24 -0500)
author Alan T. DeKok <aland@freeradius.org>
Wed, 10 Jan 2024 22:24:41 +0000 (17:24 -0500)
committer Alan T. DeKok <aland@freeradius.org>
Wed, 10 Jan 2024 22:24:50 +0000 (17:24 -0500)
diff --git a/src/lib/io/master.c b/src/lib/io/master.c

index 45660c13f16a6a056e9e6c3c49c788c79793be45..17b51426746a5bc062187316f339d1fa33cacfcb 100644 (file)
--- a/src/lib/io/master.c
+++ b/src/lib/io/master.c
@@ -1532,12 +1532,20 @@ do_read:
                          */
                         network = fr_trie_lookup_by_key(inst->networks, &address.socket.inet.src_ipaddr.addr,
                                                  address.socket.inet.src_ipaddr.prefix);
-                       if (!network) goto ignore;
+                       if (!network) {
+                               DEBUG3("Source IP %pV is outside of 'allowed' network range",
+                                      fr_box_ipaddr(address.socket.inet.src_ipaddr));
+                               goto ignore;
+                       }
  
                         /*
                          *      It exists, but it's a "deny" rule, ignore it.
                          */
-                       if (network->af == AF_UNSPEC) goto ignore;
+                       if (network->af == AF_UNSPEC) {
+                               DEBUG3("Source IP %pV is forbidden by the 'deny' network range",
+                                      fr_box_ipaddr(address.socket.inet.src_ipaddr));
+                               goto ignore;
+                       }
  
                         /*
                          *      Allocate our local radclient as a
author	Alan T. DeKok <aland@freeradius.org>
	Wed, 10 Jan 2024 22:24:41 +0000 (17:24 -0500)
committer	Alan T. DeKok <aland@freeradius.org>
	Wed, 10 Jan 2024 22:24:50 +0000 (17:24 -0500)