* Siju George <sgeorge....@gmail.com> [2012-05-04 08:44]:
> On Thu, Apr 12, 2012 at 3:44 AM, Henning Brauer
> <lists-openbsdt...@bsws.de> wrote:
> > diffs are for current of course but should work for 5.1 as well -
> > dunno what you are trying.
> I have upgraded my firewall to 5.1
> could you please give ma a unified diff or something I can try
Index: if_pflog.c
===================================================================
RCS file: /cvs/src/sys/net/if_pflog.c,v
retrieving revision 1.49
diff -u -p -r1.49 if_pflog.c
--- if_pflog.c 3 Feb 2012 01:57:50 -0000 1.49
+++ if_pflog.c 4 May 2012 08:59:00 -0000
@@ -80,6 +80,7 @@
#endif
void pflogattach(int);
+int pflogifs_resize(size_t);
int pflogoutput(struct ifnet *, struct mbuf *, struct sockaddr *,
struct rtentry *);
int pflogioctl(struct ifnet *, u_long, caddr_t);
@@ -91,16 +92,14 @@ LIST_HEAD(, pflog_softc) pflogif_list;
struct if_clone pflog_cloner =
IF_CLONE_INITIALIZER("pflog", pflog_clone_create, pflog_clone_destroy);
-struct ifnet *pflogifs[PFLOGIFS_MAX]; /* for fast access */
-struct mbuf *pflog_mhdr = NULL, *pflog_mptr = NULL;
+int npflogifs = 0;
+struct ifnet **pflogifs = NULL; /* for fast access */
+struct mbuf *pflog_mhdr = NULL, *pflog_mptr = NULL;
void
pflogattach(int npflog)
{
- int i;
LIST_INIT(&pflogif_list);
- for (i = 0; i < PFLOGIFS_MAX; i++)
- pflogifs[i] = NULL;
if (pflog_mhdr == NULL)
if ((pflog_mhdr = m_get(M_DONTWAIT, MT_HEADER)) == NULL)
panic("pflogattach: no mbuf");
@@ -111,15 +110,39 @@ pflogattach(int npflog)
}
int
+pflogifs_resize(size_t n)
+{
+ struct ifnet **p;
+ int i;
+
+ if (n > SIZE_MAX / sizeof(struct ifnet))
+ return (EINVAL);
+ if (n == 0)
+ p = NULL;
+ else
+ if ((p = malloc(n * sizeof(struct ifnet), M_DEVBUF,
+ M_NOWAIT|M_ZERO)) == NULL)
+ return (ENOMEM);
+ for (i = 0; i < n; i++)
+ if (i < npflogifs)
+ p[i] = pflogifs[i];
+ else
+ p[i] = NULL;
+
+ if (pflogifs)
+ free(pflogifs, M_DEVBUF);
+ pflogifs = p;
+ npflogifs = n;
+ return (0);
+}
+
+int
pflog_clone_create(struct if_clone *ifc, int unit)
{
struct ifnet *ifp;
struct pflog_softc *pflogif;
int s;
- if (unit >= PFLOGIFS_MAX)
- return (EINVAL);
-
if ((pflogif = malloc(sizeof(*pflogif),
M_DEVBUF, M_NOWAIT|M_ZERO)) == NULL)
return (ENOMEM);
@@ -144,6 +167,10 @@ pflog_clone_create(struct if_clone *ifc,
s = splnet();
LIST_INSERT_HEAD(&pflogif_list, pflogif, sc_list);
+ if (unit + 1 > npflogifs && pflogifs_resize(unit + 1) != 0) {
+ splx(s);
+ return (ENOMEM);
+ }
pflogifs[unit] = ifp;
splx(s);
@@ -154,11 +181,16 @@ int
pflog_clone_destroy(struct ifnet *ifp)
{
struct pflog_softc *pflogif = ifp->if_softc;
- int s;
+ int s, i;
s = splnet();
pflogifs[pflogif->sc_unit] = NULL;
LIST_REMOVE(pflogif, sc_list);
+
+ for (i = npflogifs; i > 0 && pflogifs[i - 1] == NULL; i--)
+ ; /* nothing */
+ if (i < npflogifs)
+ pflogifs_resize(i); /* error harmless here */
splx(s);
if_detach(ifp);
@@ -225,7 +257,8 @@ pflog_packet(struct pf_pdesc *pd, u_int8
if (rm == NULL || pd == NULL || pd->kif == NULL || pd->m == NULL)
return (-1);
- if ((ifn = pflogifs[rm->logif]) == NULL || !ifn->if_bpf)
+ if (rm->logif >= npflogifs || (ifn = pflogifs[rm->logif]) == NULL ||
+ !ifn->if_bpf)
return (0);
bzero(&hdr, sizeof(hdr));
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
