diff options
| author | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2014-09-08 18:10:02 +0000 |
|---|---|---|
| committer | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2014-09-08 18:10:02 +0000 |
| commit | 07a039e83c4084e6831cd7c1deb1a732654f4d64 (patch) | |
| tree | d3712b4f5c4540052f64e5eb0ca4a2b5606520fd /sys/net/pfvar.h | |
| parent | 00a072a4784b0244f1059f20f996ef3b876e6e4b (diff) | |
When logging a packet to a listener on the pflog0 interface, the
function pflog_bpfcopy() is setting up a packet description with
pf_setup_pdesc(). When pf_setup_pdesc() is droppig a bad packet,
it increments the the pf status counters. This way bad packets
could be accounted multiple times. Now pflog_bpfcopy() passes a
reason pointer NULL to indicate that no accounting should be done.
From Florian Riehm; OK henning@
Diffstat (limited to 'sys/net/pfvar.h')
| -rw-r--r-- | sys/net/pfvar.h | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h index 222c885a529..7f2fb488edb 100644 --- a/sys/net/pfvar.h +++ b/sys/net/pfvar.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pfvar.h,v 1.402 2014/08/12 15:29:33 mikeb Exp $ */ +/* $OpenBSD: pfvar.h,v 1.403 2014/09/08 18:10:01 bluhm Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -1397,10 +1397,11 @@ struct pf_pdesc { #define REASON_SET(a, x) \ do { \ - if ((void *)(a) != NULL) \ + if ((void *)(a) != NULL) { \ *(a) = (x); \ - if (x < PFRES_MAX) \ - pf_status.counters[x]++; \ + if (x < PFRES_MAX) \ + pf_status.counters[x]++; \ + } \ } while (0) struct pf_status { |