diff options
| author | David Gwynne <dlg@cvs.openbsd.org> | 2009-02-23 21:16:36 +0000 |
|---|---|---|
| committer | David Gwynne <dlg@cvs.openbsd.org> | 2009-02-23 21:16:36 +0000 |
| commit | e89a47d9e1af09e618fc87d6bae915c66b982310 (patch) | |
| tree | 7c40799a5284376540fd7f5aba71d7223764fd92 /sys | |
| parent | 9d18d3cab2ded9491923ec1f9ff0538ba0b77399 (diff) | |
dont put pfsync packets on the wire if no syncdev is specified. issues
reported by david@
an earlier version of this was ok mcbride@
ok deraadt@
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/net/if_pfsync.c | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/sys/net/if_pfsync.c b/sys/net/if_pfsync.c index 402836146e1..86a5ce950f7 100644 --- a/sys/net/if_pfsync.c +++ b/sys/net/if_pfsync.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_pfsync.c,v 1.108 2009/02/18 10:07:24 dlg Exp $ */ +/* $OpenBSD: if_pfsync.c,v 1.109 2009/02/23 21:16:35 dlg Exp $ */ /* * Copyright (c) 2002 Michael Shalayeff @@ -1570,6 +1570,15 @@ pfsync_sendout(void) if (sc == NULL || sc->sc_len == PFSYNC_MINPKT) return; +#if NBPFILTER > 0 + if (ifp->if_bpf == NULL && sc->sc_sync_if == NULL) { +#else + if (sc->sc_sync_if == NULL) { +#endif + pfsync_drop(sc); + return; + } + MGETHDR(m, M_DONTWAIT, MT_DATA); if (m == NULL) { sc->sc_if.if_oerrors++; @@ -1699,7 +1708,14 @@ pfsync_sendout(void) m->m_data -= sizeof(*ip); m->m_len = m->m_pkthdr.len = sc->sc_len; } + + if (sc->sc_sync_if == NULL) { + sc->sc_len = PFSYNC_MINPKT; + m_freem(m); + return; + } #endif + sc->sc_if.if_opackets++; sc->sc_if.if_obytes += m->m_pkthdr.len; |