hardenedbsd/HardenedBSD
1
0
Fork 0
mirror of https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git synced 2024-11-22 23:51:13 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

pflogd: Move struct definitions out of header file

Browse Source 
In libpcap 1.10.5, two structures that we relied on, pcap_timeval and
pcap_sf_pkthdr, were made private.  As a workaround, we initially
defined the structures in pflogd.h.  After further investigation, mostly
by kp@, we concluded that it is reasonable to define these structures
ourselves since they represent a file format and thus are unlikely to
change from under us.  We will stick with this solution but move the
definitions out of the header file to prevent others from using pflogd.h
to access them.

Another solution that was considered was using libpcap's pcap_dump()
function to write packets, but there are blockers.  For example, pflogd
writes to a memory buffer, and libpcap lacks support for this.

Reviewed by:	kp
MFC after:	3 days
Event:		EuroBSDCon 2024
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D46894
This commit is contained in:
Joseph Mingrone 2024-10-03 16:49:51 -03:00
parent 75734c4360
commit 34aa6f2c2d
No known key found for this signature in database
GPG Key ID: 36A40C83B0D6EF9E
2 changed files with 11 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
contrib/pf/pflogd/pflogd.c
View File

@ -74,6 +74,17 @@ char errbuf[PCAP_ERRBUF_SIZE];
int log_debug = 0; int log_debug = 0;
unsigned int delay = FLUSH_DELAY; unsigned int delay = FLUSH_DELAY;
struct pcap_timeval {
bpf_u_int32 tv_sec; /* seconds */
bpf_u_int32 tv_usec; /* microseconds */
};
struct pcap_sf_pkthdr {
struct pcap_timeval ts; /* time stamp */
bpf_u_int32 caplen; /* length of portion present */
bpf_u_int32 len; /* length of this packet (off wire) */
};
char *copy_argv(char * const *); char *copy_argv(char * const *);
void dump_packet(u_char *, const struct pcap_pkthdr *, const u_char *); void dump_packet(u_char *, const struct pcap_pkthdr *, const u_char *);
void dump_packet_nobuf(u_char *, const struct pcap_pkthdr *, const u_char *); void dump_packet_nobuf(u_char *, const struct pcap_pkthdr *, const u_char *);

13
contrib/pf/pflogd/pflogd.h
View File

@ -40,19 +40,6 @@ int priv_open_log(void);
int priv_move_log(void); int priv_move_log(void);
pcap_t *pcap_open_live_fd(int fd, int snaplen, char *ebuf); pcap_t *pcap_open_live_fd(int fd, int snaplen, char *ebuf);
/* XXX TODO: Investigate a permanent solution, rather than defining these two
structures here. */
struct pcap_timeval {
bpf_u_int32 tv_sec; /* seconds */
bpf_u_int32 tv_usec; /* microseconds */
};
struct pcap_sf_pkthdr {
struct pcap_timeval ts; /* time stamp */
bpf_u_int32 caplen; /* length of portion present */
bpf_u_int32 len; /* length of this packet (off wire) */
};
void set_pcap_filter(void); void set_pcap_filter(void);
/* File descriptor send/recv */ /* File descriptor send/recv */
void send_fd(int, int); void send_fd(int, int);