diff options
author | Henning Brauer <henning@cvs.openbsd.org> | 2006-10-25 11:26:48 +0000 |
---|---|---|
committer | Henning Brauer <henning@cvs.openbsd.org> | 2006-10-25 11:26:48 +0000 |
commit | 21a1d3c5ffca872a677e1459355d1810bd19e217 (patch) | |
tree | 67446db7788bb9e569ef0cf814a3b9d5181e54e7 | |
parent | ff41d9b3d524c37c68b96c09e7b65325a302f870 (diff) |
add a "u_int8_t logif" to struct pfrule to select to which pflog interface
logs go. ok mcbride
-rw-r--r-- | sys/net/if_pflog.c | 4 | ||||
-rw-r--r-- | sys/net/pf_ioctl.c | 10 | ||||
-rw-r--r-- | sys/net/pfvar.h | 3 |
3 files changed, 13 insertions, 4 deletions
diff --git a/sys/net/if_pflog.c b/sys/net/if_pflog.c index 482d5233df1..d4e093f3468 100644 --- a/sys/net/if_pflog.c +++ b/sys/net/if_pflog.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_pflog.c,v 1.19 2006/10/23 12:46:09 henning Exp $ */ +/* $OpenBSD: if_pflog.c,v 1.20 2006/10/25 11:26:47 henning Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr) and @@ -221,7 +221,7 @@ pflog_packet(struct pfi_kif *kif, struct mbuf *m, sa_family_t af, u_int8_t dir, if (kif == NULL || m == NULL || rm == NULL || pd == NULL) return (-1); - if ((ifn = pflogifs[0]) == NULL || !ifn->if_bpf) + if ((ifn = pflogifs[rm->logif]) == NULL || !ifn->if_bpf) return (0); bzero(&hdr, sizeof(hdr)); diff --git a/sys/net/pf_ioctl.c b/sys/net/pf_ioctl.c index 979cd3535d0..f3b929dcc76 100644 --- a/sys/net/pf_ioctl.c +++ b/sys/net/pf_ioctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_ioctl.c,v 1.169 2006/08/30 11:31:02 djm Exp $ */ +/* $OpenBSD: pf_ioctl.c,v 1.170 2006/10/25 11:26:47 henning Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -72,6 +72,10 @@ #include <net/if_pfsync.h> #endif /* NPFSYNC > 0 */ +#if NPFLOG > 0 +#include <net/if_pflog.h> +#endif /* NPFLOG > 0 */ + #ifdef INET6 #include <netinet/ip6.h> #include <netinet/in_pcb.h> @@ -1419,6 +1423,10 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p) error = EBUSY; if (rule->rt && !rule->direction) error = EINVAL; +#if NPFLOG > 0 + if (rule->logif >= PFLOGIFS_MAX) + error = EINVAL; +#endif if (pf_rtlabel_add(&rule->src.addr) || pf_rtlabel_add(&rule->dst.addr)) error = EBUSY; diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h index 48c6ada497c..0a221b3825d 100644 --- a/sys/net/pfvar.h +++ b/sys/net/pfvar.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pfvar.h,v 1.238 2006/10/17 14:08:17 reyk Exp $ */ +/* $OpenBSD: pfvar.h,v 1.239 2006/10/25 11:26:47 henning Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -563,6 +563,7 @@ struct pf_rule { u_int8_t action; u_int8_t direction; u_int8_t log; + u_int8_t logif; u_int8_t quick; u_int8_t ifnot; u_int8_t match_tag_not; |