diff options
| author | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2012-01-15 22:55:36 +0000 |
|---|---|---|
| committer | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2012-01-15 22:55:36 +0000 |
| commit | 1621f3a0fe4db02c05e4903f978afe276bde3733 (patch) | |
| tree | 5f4eb736a5ee831ea5ceb78a053925f17ccb7b49 /sys/net/if_pflog.c | |
| parent | a77c320810e780975ed28ae29c66aa0afc95fb3f (diff) | |
Calling pf_normalize_ip() from pf_setup_pdesc() was bad as the
latter is called from pf packet logging. This resulted in normalization
and reassembly of bad packets to be logged. So rearrange the code
and move the call to pf_test().
ok henning@
Diffstat (limited to 'sys/net/if_pflog.c')
| -rw-r--r-- | sys/net/if_pflog.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/sys/net/if_pflog.c b/sys/net/if_pflog.c index ef6cecc94e0..5db79bddda2 100644 --- a/sys/net/if_pflog.c +++ b/sys/net/if_pflog.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_pflog.c,v 1.46 2011/12/21 14:46:24 mikeb Exp $ */ +/* $OpenBSD: if_pflog.c,v 1.47 2012/01/15 22:55:35 bluhm Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr) and @@ -280,7 +280,7 @@ pflog_bpfcopy(const void *src_arg, void *dst_arg, size_t len) struct pfloghdr *pfloghdr; u_int count; u_char *dst, *mdst, *cp; - u_short action, reason; + u_short reason; int afto, hlen, mlen, off; union pf_headers { struct tcphdr tcp; @@ -393,7 +393,7 @@ pflog_bpfcopy(const void *src_arg, void *dst_arg, size_t len) /* rewrite addresses if needed */ if (pf_setup_pdesc(&pd, &pdhdrs, pfloghdr->af, pfloghdr->dir, NULL, - &mhdr, &action, &reason) == -1) + mhdr, &reason) != PF_PASS) return; pd.naf = pfloghdr->naf; |