diff options
author | jasoni <jasoni@cvs.openbsd.org> | 2001-12-11 03:08:48 +0000 |
---|---|---|
committer | jasoni <jasoni@cvs.openbsd.org> | 2001-12-11 03:08:48 +0000 |
commit | c4b5da3b3b2aefe4aa5ee00db75afd7cfa6711a4 (patch) | |
tree | 5c2def38c3f5e15f49724ffddcc158e10435f921 /sys | |
parent | 3055ec4b761020d79f60a24556ca5d6545b581e5 (diff) |
- Log packet while mbuf is still valid.
- If logging and r == NULL, use r0 leaving r untouched.
- Note that pf_route/pf_route6 can free the mbuf.
Thanks and ok frantzen@
Diffstat (limited to 'sys')
-rw-r--r-- | sys/net/pf.c | 50 |
1 files changed, 25 insertions, 25 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c index b8d9950202b..11dfd4161e7 100644 --- a/sys/net/pf.c +++ b/sys/net/pf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf.c,v 1.178 2001/12/10 18:28:32 dhartmei Exp $ */ +/* $OpenBSD: pf.c,v 1.179 2001/12/11 03:08:47 jasoni Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -4965,6 +4965,18 @@ done: ("pf: dropping packet with ip options\n")); } + if (log) { + if (r == NULL) { + struct pf_rule r0; + r0.ifp = ifp; + r0.action = action; + r0.nr = -1; + PFLOG_PACKET(ifp, h, m, AF_INET, dir, reason, &r0); + } else + PFLOG_PACKET(ifp, h, m, AF_INET, dir, reason, r); + } + + /* pf_route can free the mbuf causing *m to become NULL */ if (r && r->rt) { pf_route(m, r); if (r->rt != PF_DUPTO) { @@ -4973,18 +4985,6 @@ done: } } - if (log) { - struct pf_rule r0; - - if (r == NULL) { - r0.ifp = ifp; - r0.action = action; - r0.nr = -1; - r = &r0; - } - PFLOG_PACKET(ifp, h, m, AF_INET, dir, reason, r); - } - /* XXX (pf_rule *)r may now be invalid from the above log */ return (action); } #endif /* INET */ @@ -5147,6 +5147,18 @@ pf_test6(int dir, struct ifnet *ifp, struct mbuf **m0) done: /* XXX handle IPv6 options, if not allowed. not implemented. */ + if (log) { + if (r == NULL) { + struct pf_rule r0; + r0.ifp = ifp; + r0.action = action; + r0.nr = -1; + PFLOG_PACKET(ifp, h, m, AF_INET6, dir, reason, &r0); + } else + PFLOG_PACKET(ifp, h, m, AF_INET6, dir, reason, r); + } + + /* pf_route6 can free the mbuf causing *m to become NULL */ if (r && r->rt) { pf_route6(m, r); if (r->rt != PF_DUPTO) { @@ -5155,18 +5167,6 @@ done: } } - if (log) { - struct pf_rule r0; - - if (r == NULL) { - r0.ifp = ifp; - r0.action = action; - r0.nr = -1; - r = &r0; - } - PFLOG_PACKET(ifp, h, m, AF_INET6, dir, reason, r); - } - /* XXX (pf_rule *)r may now be invalid from the above log */ return (action); } #endif /* INET6 */ |