subrulenr = GET_BE_U_4(&hdr->subrulenr);
if (subrulenr == (uint32_t)-1)
ND_PRINT("rule %u/", rulenr);
- else
- ND_PRINT("rule %u.%s.%u/", rulenr, hdr->ruleset, subrulenr);
+ else {
+ ND_PRINT("rule %u.", rulenr);
+ nd_printjnp(ndo, (const u_char*)hdr->ruleset, PFLOG_RULESET_NAME_SIZE);
+ ND_PRINT(".%u/", subrulenr);
+ }
- ND_PRINT("%s: %s %s on %s: ",
+ ND_PRINT("%s: %s %s on ",
tok2str(pf_reasons, "unkn(%u)", GET_U_1(&hdr->reason)),
tok2str(pf_actions, "unkn(%u)", GET_U_1(&hdr->action)),
- tok2str(pf_directions, "unkn(%u)", GET_U_1(&hdr->dir)),
- hdr->ifname);
+ tok2str(pf_directions, "unkn(%u)", GET_U_1(&hdr->dir)));
+ nd_printjnp(ndo, (const u_char*)hdr->ifname, IFNAMSIZ);
+ ND_PRINT(": ");
}
-u_int
+void
pflog_if_print(netdissect_options *ndo, const struct pcap_pkthdr *h,
const u_char *p)
{
const struct pfloghdr *hdr;
uint8_t af;
- ndo->ndo_protocol = "pflog_if";
+ ndo->ndo_protocol = "pflog";
/* check length */
if (caplen < sizeof(uint8_t)) {
nd_print_trunc(ndo);
- return (caplen);
+ ndo->ndo_ll_hdr_len += h->caplen;
+ return;
}
#define MIN_PFLOG_HDRLEN 45
hdr = (const struct pfloghdr *)p;
- if (hdr->length < MIN_PFLOG_HDRLEN) {
+ if (GET_U_1(&hdr->length) < MIN_PFLOG_HDRLEN) {
ND_PRINT("[pflog: invalid header length!]");
- return (hdr->length); /* XXX: not really */
+ ndo->ndo_ll_hdr_len += GET_U_1(&hdr->length); /* XXX: not really */
+ return;
}
hdrlen = BPF_WORDALIGN(hdr->length);
if (caplen < hdrlen) {
nd_print_trunc(ndo);
- return (hdrlen); /* XXX: true? */
+ ndo->ndo_ll_hdr_len += hdrlen; /* XXX: true? */
+ return;
}
/* print what we know */
ND_DEFAULTPRINT(p, caplen);
}
- return (hdrlen);
+ ndo->ndo_ll_hdr_len += hdrlen;
+ return;
trunc:
nd_print_trunc(ndo);
- return (hdrlen);
+ ndo->ndo_ll_hdr_len += hdrlen;
}
projects / tcpdump / blobdiff