diff options
author | Niels Provos <provos@cvs.openbsd.org> | 2001-06-26 20:06:37 +0000 |
---|---|---|
committer | Niels Provos <provos@cvs.openbsd.org> | 2001-06-26 20:06:37 +0000 |
commit | 4bd38b28ad33d205bd1e197e7cc38c8282ade8a1 (patch) | |
tree | 72e53acadedf43357a6677eadfa137eceac0d84e /sys/net/pf.c | |
parent | 0652294b476010067362c5725f2456cf047d854f (diff) |
pass rule to logging for state matches
Diffstat (limited to 'sys/net/pf.c')
-rw-r--r-- | sys/net/pf.c | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c index cc1633ab7ce..e3271384da1 100644 --- a/sys/net/pf.c +++ b/sys/net/pf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf.c,v 1.59 2001/06/26 19:51:04 provos Exp $ */ +/* $OpenBSD: pf.c,v 1.60 2001/06/26 20:06:36 provos Exp $ */ /* * Copyright (c) 2001, Daniel Hartmeier @@ -2071,6 +2071,7 @@ pf_test(int dir, struct ifnet *ifp, struct mbuf *m) { u_short action, reason = 0, log = 0; struct ip *h; + struct pf_rule *r = NULL; struct pf_state *s; int off; @@ -2111,6 +2112,7 @@ pf_test(int dir, struct ifnet *ifp, struct mbuf *m) } if ((s = pf_test_state_tcp(dir, ifp, m, 0, off, h, &th))) { action = PF_PASS; + r = s->rule; log = s->log; } else action = pf_test_tcp(dir, ifp, m, 0, off, h, &th); @@ -2127,6 +2129,7 @@ pf_test(int dir, struct ifnet *ifp, struct mbuf *m) } if ((s = pf_test_state_udp(dir, ifp, m, 0, off, h, &uh))) { action = PF_PASS; + r = s->rule; log = s->log; } else action = pf_test_udp(dir, ifp, m, 0, off, h, &uh); @@ -2143,6 +2146,7 @@ pf_test(int dir, struct ifnet *ifp, struct mbuf *m) } if ((s = pf_test_state_icmp(dir, ifp, m, 0, off, h, &ih))) { action = PF_PASS; + r = s->rule; log = s->log; } else action = pf_test_icmp(dir, ifp, m, 0, off, h, &ih); @@ -2160,11 +2164,14 @@ done: pf_status.packets[dir][action]++; } if (log) { - struct pf_rule r; + struct pf_rule r0; - r.ifp = ifp; - r.action = action; - PFLOG_PACKET(h, m, AF_INET, dir, reason, -1, &r); + if (r == NULL) { + r0.ifp = ifp; + r0.action = action; + r = &r0; + } + PFLOG_PACKET(h, m, AF_INET, dir, reason, -1, r); } return (action); } |