From ab6b5633b9d5fda932c3ca1b0d710aa8a55e7bbe Mon Sep 17 00:00:00 2001
From: Daniel Hartmeier <dhartmei@cvs.openbsd.org>
Date: Fri, 27 May 2005 20:17:32 +0000
Subject: pass UID_MAX/NO_PID when the socket lookup failed, so tcpdump can
 suppress output in this case.

---
 sys/net/if_pflog.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/sys/net/if_pflog.c b/sys/net/if_pflog.c
index 158743d8083..d5370c1c7fa 100644
--- a/sys/net/if_pflog.c
+++ b/sys/net/if_pflog.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: if_pflog.c,v 1.13 2005/05/27 17:22:40 dhartmei Exp $	*/
+/*	$OpenBSD: if_pflog.c,v 1.14 2005/05/27 20:17:31 dhartmei Exp $	*/
 /*
  * The authors of this code are John Ioannidis (ji@tla.org),
  * Angelos D. Keromytis (kermit@csd.uch.gr) and 
@@ -39,6 +39,7 @@
 #include <sys/param.h>
 #include <sys/systm.h>
 #include <sys/mbuf.h>
+#include <sys/proc.h>
 #include <sys/socket.h>
 #include <sys/ioctl.h>
 
@@ -203,8 +204,13 @@ pflog_packet(struct pfi_kif *kif, struct mbuf *m, sa_family_t af, u_int8_t dir,
 	}
 	if (rm->log & PF_LOG_SOCKET_LOOKUP && !pd->lookup.done)
 		pd->lookup.done = pf_socket_lookup(dir, pd);
-	hdr.uid = pd->lookup.uid;
-	hdr.pid = pd->lookup.pid;
+	if (pd->lookup.done > 0) {
+		hdr.uid = pd->lookup.uid;
+		hdr.pid = pd->lookup.pid;
+	} else {
+		hdr.uid = UID_MAX;
+		hdr.pid = NO_PID;
+	}
 	hdr.rule_uid = rm->cuid;
 	hdr.rule_pid = rm->cpid;
 	hdr.dir = dir;
-- 
cgit v1.2.3