summaryrefslogtreecommitdiff
path: root/sbin/pflogd
AgeCommit message (Collapse)Author
2017-07-23Don't hit pledge(2) restrictions on interface departureJeremie Courreges-Anglas
if_exists() can't be used after dropping privileges, since it uses socket(2) and ioctl(SIOCGIFDATA). We're just trying to know whether an interface exists, and if_nametoindex(3) is enough for that. ok deraadt@
2017-07-04Revert back previous, pledge cannot be enabled on the privsep'd proc yet, atRicardo Mestre
least not as is Reported by tim@, OK deraadt@ to backout the pledge for now
2017-06-12pledge(2) bpf has been in use for some time now on tcpdump(8), this will enableRicardo Mestre
it also for pflogd(8)'s priv proc. OK deraadt@
2017-05-30Fix escaping: .Nm Op Fl "Dx" turning into "pflogd [-DragonFly]"Ingo Schwarze
is funny, but not useful, so say .Nm Op Fl \&Dx as required.
2017-01-23Split pledge "ioctl" into "tape" and "bpf", and allow SIOCGIFGROUP onlyTheo de Raadt
upon "inet". Adjust the 4 programs that care about this.
2017-01-23pflogd will need pledge(proc), still disabled because of bfdSebastian Benoit
ok deraadt@
2016-01-16Interface status printing (at exit and USR1) was broken for a while.Can Erkin Acar
Remove it completely to simplify the code. even better deraadt@
2015-10-10pflogd contained the same "privsep error" as tcpdump -- assuming thatTheo de Raadt
it can ioctl()'s against a bpf device node. Privsep that operation via a message to the parent process. Unfortunately "rpath wpath cpath" is still needed due to SIGHUP handling, but I have asked canacar the expert to look into this.
2015-04-28Someone went to the trouble of vertically aligning a set of parameters butMike Larkin
missed one. This diff is only a spacing change.
2015-02-15Use "In" to mark up include files, instead of wrongly wrapping with Aq.Anthony J. Bentley
Aq is not the same as <> in non-ASCII situations, so this caused incorrect output in some places. And it provided no semantics besides. ok schwarze@
2015-02-07When getopt processing flags, many should be flag=1 instead of flag++Theo de Raadt
ok tedu miod
2014-11-20remove sys/file.h includes in favor of fcntl.h where needed.Ted Unangst
ok deraadt guenther
2014-11-18Nuke some obvious #include duplications.Kenneth R Westerback
ok espie@ deraadt@ millert@ tedu@
2014-06-26Create temporary file with mkstemp and unlink if rename operation fails.Tobias Stoeckmann
ok deraadt@, henning@
2014-01-21obvious .Pa fixes; found with mandocdb(8)Ingo Schwarze
2013-09-13errx() provides its own newline, so remove it from the string hereBret Lambert
ok henning@
2013-07-16Add missing .Mt macros for AUTHORS email addresses.Ingo Schwarze
From Jan Stary <hans at stare dot cz>. ok jmc@
2013-06-19Do not install pcap-int.h to /usr/include as it is an internal libraryLawrence Teo
header (pointed out by matthew@). Let only pflogd and tcpdump include pcap-int.h directly since they need it for privilege separation. "looks good" sthen feedback/ok deraadt matthew millert
2012-12-04remove some unnecessary sys/param.h inclusionsTheo de Raadt
2012-11-06Ensure that if_exists() always closes its socket before returning.Lawrence Teo
Also fix a bug where the return value of if_exists() was not checked correctly if the interface disappears while pflogd is running. ok beck henning
2012-06-25log all, not log-all; ok henningJason McIntyre
2012-04-04Return an error much earlier if recvmsg failsTheo de Raadt
2012-03-05fix format string:Henning Brauer
use %zu for size_t and %d for signed ints first one triggered by a mail from joerg @ netbsd, thanks. ok millert dlg
2011-10-12default snaplen is 160 these daysHenning Brauer
From: giovanni <qgiovanni at gmail dot com>
2011-05-06put the tcpdump-specific stuff in a sane place (that is, not EXAMPLES);Jason McIntyre
ok sthen henning
2010-09-21bump default snaplen so that pfloghdr + ip hdr + prot hdr usually fitHenning Brauer
2010-05-14nowadays, .Dx is callable, so we need to quote it;Ingo Schwarze
ok jmc@ millert@ henning@ kristaps@
2009-12-24spelling fixes, from Brad Tilley; we will not fix src/sbin/dump/dump.hIgor Sobrado
as neither arrayified not arrayfied exist -- sanctioned dictionaries like Merriam-Webster ones suggest a few alternatives (e.g., arrayed), however these made up words are easy to understand and we are not certain that current ones are not ok. ok jmc@
2009-12-03Adjust pflog BPF descriptions, problem pointed out by jmc@Stuart Henderson
- sync actions with PF changes (pass/block/match not just pass/block, and remove some binat/nat/rdr entries) - list all reason codes in tcpdump(8) ok henning jmc
2009-11-16pflogd no longer needs libutil; ok deraadt@Otto Moerbeek
2009-11-04tweak previous;Jason McIntyre
2009-11-03Get rid of pflogd.pid because the privsep child cannot delete the pidfile;Theo de Raadt
use pkill(1) in /etc/newsyslog.conf instead together with otto and suggestions from tedu
2008-10-22log pcap stats upon SIGUSR1; ok canacarHenning Brauer
From: Dave Harrison <dave@nullcube.com>
2008-03-24msg_controllen has to be CMSG_SPACE so that the kernel can account forTheo de Raadt
each cmsg_len (ie. msg_controllen = sum of CMSG_ALIGN(cmsg_len). This works now that kernel fd passing has been fixed to accept a bit of sloppiness because of this ABI repair. lots of discussion with kettenis
2008-03-15Repair the simple cases for msg_controllen where it should just beTheo de Raadt
CMSG_SIZE(sizeof(int)), not sizeof(buffer) which may be larger because of alignment; ok kettenis hshoexer
2008-03-13Correct CMSG_SPACE and CMSG_LEN usage everywhere in the tree. Due toTheo de Raadt
an extensive discussion with otto, kettenis, millert, and hshoexer
2008-01-14clear up pidfile(-p) option formOkan Demirmen
tweaked by jmc, ok henning
2007-06-06fix oups, mlist@scapa.dnsalias.netHenning Brauer
2007-06-06reverse logic of if_exists so that if_exists(interface) is true ifHenning Brauer
interface exists and !if_exists(interface) is when it doesn't
2007-06-04use warn() where warn() is intended, not err()Henning Brauer
exit nonzero if the inetrface does not exist From: tbert <bret.lambert@gmail.com>
2007-06-02do not shadow globals (in if_exists)Henning Brauer
2007-06-02on pcap error, check wether the interface went away and exit if it did.Henning Brauer
spinning and flooding syslog in that case was not so nice.
2007-05-31convert to new .Dd format;Jason McIntyre
2007-05-27Complain to stderr if cloned pflog interface doesn't exist. Previously only ↵Jason Dixon
logged LOG_ERR to syslog. ok henning@
2007-04-07- use .Bk/.Ek to avoid SYNOPSIS splittingJason McIntyre
- put -p in the correct place - sync the -p argument name and tweak its description - add -p to usage()
2007-04-06Adds a pidfile argument to pflogd so that individualCan Erkin Acar
instances can be rotated via newsyslog. From Berk Demir < bdd at mindcast org > ok henning@
2006-12-08state that if the log file is bad, it is first moved out of the way. ifJoel Knight
that fails, then logging is suspended.
2006-12-06styleMichael Knudsen
2006-11-26repair missing DPADD requestsTheo de Raadt
2006-11-19Default snaplen has been 116 for a while now.Joel Knight