diff options
author | Can Erkin Acar <canacar@cvs.openbsd.org> | 2003-05-14 08:56:13 +0000 |
---|---|---|
committer | Can Erkin Acar <canacar@cvs.openbsd.org> | 2003-05-14 08:56:13 +0000 |
commit | b3e4f6cc0d067ebf3637a604aa9dea28f9043e20 (patch) | |
tree | 781757c585cbb5bd145c4e37bfa362e0d8fd8c80 | |
parent | b943f15f307e984b61bc679f67f3655994350b0c (diff) |
pflogd now uses the new pflog link type. Trying to append to an existing
old-style logfile will fail. Move away old log files.
ok henning@ dhartmei@ frantzen@
-rw-r--r-- | sbin/pflogd/pflogd.c | 18 |
1 files changed, 12 insertions, 6 deletions
diff --git a/sbin/pflogd/pflogd.c b/sbin/pflogd/pflogd.c index d4b4dbe2af2..eecaf97afac 100644 --- a/sbin/pflogd/pflogd.c +++ b/sbin/pflogd/pflogd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pflogd.c,v 1.19 2003/04/23 22:44:53 deraadt Exp $ */ +/* $OpenBSD: pflogd.c,v 1.20 2003/05/14 08:56:12 canacar Exp $ */ /* * Copyright (c) 2001 Theo de Raadt @@ -46,7 +46,7 @@ #include <fcntl.h> #include <util.h> -#define DEF_SNAPLEN 96 /* default plus allow for larger header of pflog */ +#define DEF_SNAPLEN 116 /* default plus allow for larger header of pflog */ #define PCAP_TO_MS 500 /* pcap read timeout (ms) */ #define PCAP_NUM_PKTS 1000 /* max number of packets to process at each loop */ #define PCAP_OPT_FIL 0 /* filter optimization */ @@ -251,10 +251,16 @@ reset_dump(void) */ (void) fseek(fp, 0L, SEEK_SET); if (fread((char *)&hdr, sizeof(hdr), 1, fp) == 1) { - if (hdr.magic == TCPDUMP_MAGIC && - hdr.version_major == PCAP_VERSION_MAJOR && - hdr.version_minor == PCAP_VERSION_MINOR && - hdr.snaplen != snaplen) { + if (hdr.magic != TCPDUMP_MAGIC || + hdr.version_major != PCAP_VERSION_MAJOR || + hdr.version_minor != PCAP_VERSION_MINOR || + hdr.linktype != hpcap->linktype) { + logmsg(LOG_ERR, + "Invalid/incompatible log file, move it away"); + fclose(fp); + return (1); + } + if (hdr.snaplen != snaplen) { logmsg(LOG_WARNING, "Existing file specifies a snaplen of %u, using it", hdr.snaplen); |