* Siju George <sgeorge....@gmail.com> [2012-05-04 08:44]: > On Thu, Apr 12, 2012 at 3:44 AM, Henning Brauer > <lists-openbsdt...@bsws.de> wrote: > > diffs are for current of course but should work for 5.1 as well - > > dunno what you are trying. > I have upgraded my firewall to 5.1 > could you please give ma a unified diff or something I can try
Index: if_pflog.c =================================================================== RCS file: /cvs/src/sys/net/if_pflog.c,v retrieving revision 1.49 diff -u -p -r1.49 if_pflog.c --- if_pflog.c 3 Feb 2012 01:57:50 -0000 1.49 +++ if_pflog.c 4 May 2012 08:59:00 -0000 @@ -80,6 +80,7 @@ #endif void pflogattach(int); +int pflogifs_resize(size_t); int pflogoutput(struct ifnet *, struct mbuf *, struct sockaddr *, struct rtentry *); int pflogioctl(struct ifnet *, u_long, caddr_t); @@ -91,16 +92,14 @@ LIST_HEAD(, pflog_softc) pflogif_list; struct if_clone pflog_cloner = IF_CLONE_INITIALIZER("pflog", pflog_clone_create, pflog_clone_destroy); -struct ifnet *pflogifs[PFLOGIFS_MAX]; /* for fast access */ -struct mbuf *pflog_mhdr = NULL, *pflog_mptr = NULL; +int npflogifs = 0; +struct ifnet **pflogifs = NULL; /* for fast access */ +struct mbuf *pflog_mhdr = NULL, *pflog_mptr = NULL; void pflogattach(int npflog) { - int i; LIST_INIT(&pflogif_list); - for (i = 0; i < PFLOGIFS_MAX; i++) - pflogifs[i] = NULL; if (pflog_mhdr == NULL) if ((pflog_mhdr = m_get(M_DONTWAIT, MT_HEADER)) == NULL) panic("pflogattach: no mbuf"); @@ -111,15 +110,39 @@ pflogattach(int npflog) } int +pflogifs_resize(size_t n) +{ + struct ifnet **p; + int i; + + if (n > SIZE_MAX / sizeof(struct ifnet)) + return (EINVAL); + if (n == 0) + p = NULL; + else + if ((p = malloc(n * sizeof(struct ifnet), M_DEVBUF, + M_NOWAIT|M_ZERO)) == NULL) + return (ENOMEM); + for (i = 0; i < n; i++) + if (i < npflogifs) + p[i] = pflogifs[i]; + else + p[i] = NULL; + + if (pflogifs) + free(pflogifs, M_DEVBUF); + pflogifs = p; + npflogifs = n; + return (0); +} + +int pflog_clone_create(struct if_clone *ifc, int unit) { struct ifnet *ifp; struct pflog_softc *pflogif; int s; - if (unit >= PFLOGIFS_MAX) - return (EINVAL); - if ((pflogif = malloc(sizeof(*pflogif), M_DEVBUF, M_NOWAIT|M_ZERO)) == NULL) return (ENOMEM); @@ -144,6 +167,10 @@ pflog_clone_create(struct if_clone *ifc, s = splnet(); LIST_INSERT_HEAD(&pflogif_list, pflogif, sc_list); + if (unit + 1 > npflogifs && pflogifs_resize(unit + 1) != 0) { + splx(s); + return (ENOMEM); + } pflogifs[unit] = ifp; splx(s); @@ -154,11 +181,16 @@ int pflog_clone_destroy(struct ifnet *ifp) { struct pflog_softc *pflogif = ifp->if_softc; - int s; + int s, i; s = splnet(); pflogifs[pflogif->sc_unit] = NULL; LIST_REMOVE(pflogif, sc_list); + + for (i = npflogifs; i > 0 && pflogifs[i - 1] == NULL; i--) + ; /* nothing */ + if (i < npflogifs) + pflogifs_resize(i); /* error harmless here */ splx(s); if_detach(ifp); @@ -225,7 +257,8 @@ pflog_packet(struct pf_pdesc *pd, u_int8 if (rm == NULL || pd == NULL || pd->kif == NULL || pd->m == NULL) return (-1); - if ((ifn = pflogifs[rm->logif]) == NULL || !ifn->if_bpf) + if (rm->logif >= npflogifs || (ifn = pflogifs[rm->logif]) == NULL || + !ifn->if_bpf) return (0); bzero(&hdr, sizeof(hdr)); -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de, Full-Service ISP Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed Henning Brauer Consulting, http://henningbrauer.com/