/* \summary: OpenBSD packet filter log file printer */
#ifdef HAVE_CONFIG_H
-#include "config.h"
+#include <config.h>
#endif
#ifndef HAVE_NET_PFVAR_H
#include <net/pfvar.h>
#include <net/if_pflog.h>
-#include <netdissect-stdinc.h>
+#include "netdissect-stdinc.h"
#include "netdissect.h"
#include "extract.h"
-static const char tstr[] = "[|pflog]";
static const struct tok pf_reasons[] = {
{ 0, "0(match)" },
{
uint32_t rulenr, subrulenr;
- rulenr = EXTRACT_BE_U_4(&hdr->rulenr);
- subrulenr = EXTRACT_BE_U_4(&hdr->subrulenr);
+ ndo->ndo_protocol = "pflog";
+ rulenr = GET_BE_U_4(&hdr->rulenr);
+ subrulenr = GET_BE_U_4(&hdr->subrulenr);
if (subrulenr == (uint32_t)-1)
- ND_PRINT((ndo, "rule %u/", rulenr));
+ ND_PRINT("rule %u/", rulenr);
else
- ND_PRINT((ndo, "rule %u.%s.%u/", rulenr, hdr->ruleset, subrulenr));
+ ND_PRINT("rule %u.%s.%u/", rulenr, hdr->ruleset, subrulenr);
- ND_PRINT((ndo, "%s: %s %s on %s: ",
- tok2str(pf_reasons, "unkn(%u)", EXTRACT_U_1(&hdr->reason)),
- tok2str(pf_actions, "unkn(%u)", EXTRACT_U_1(&hdr->action)),
- tok2str(pf_directions, "unkn(%u)", EXTRACT_U_1(&hdr->dir)),
- hdr->ifname));
+ ND_PRINT("%s: %s %s on %s: ",
+ tok2str(pf_reasons, "unkn(%u)", GET_U_1(&hdr->reason)),
+ tok2str(pf_actions, "unkn(%u)", GET_U_1(&hdr->action)),
+ tok2str(pf_directions, "unkn(%u)", GET_U_1(&hdr->dir)),
+ hdr->ifname);
}
-u_int
+void
pflog_if_print(netdissect_options *ndo, const struct pcap_pkthdr *h,
const u_char *p)
{
const struct pfloghdr *hdr;
uint8_t af;
+ ndo->ndo_protocol = "pflog";
/* check length */
if (caplen < sizeof(uint8_t)) {
- ND_PRINT((ndo, "%s", tstr));
- return (caplen);
+ nd_print_trunc(ndo);
+ ndo->ndo_ll_hdr_len += h->caplen;
+ return;
}
#define MIN_PFLOG_HDRLEN 45
hdr = (const struct pfloghdr *)p;
- if (hdr->length < MIN_PFLOG_HDRLEN) {
- ND_PRINT((ndo, "[pflog: invalid header length!]"));
- return (hdr->length); /* XXX: not really */
+ if (GET_U_1(&hdr->length) < MIN_PFLOG_HDRLEN) {
+ ND_PRINT("[pflog: invalid header length!]");
+ ndo->ndo_ll_hdr_len += GET_U_1(&hdr->length); /* XXX: not really */
+ return;
}
hdrlen = BPF_WORDALIGN(hdr->length);
if (caplen < hdrlen) {
- ND_PRINT((ndo, "%s", tstr));
- return (hdrlen); /* XXX: true? */
+ nd_print_trunc(ndo);
+ ndo->ndo_ll_hdr_len += hdrlen; /* XXX: true? */
+ return;
}
/* print what we know */
- ND_TCHECK(*hdr);
+ ND_TCHECK_SIZE(hdr);
if (ndo->ndo_eflag)
pflog_print(ndo, hdr);
/* skip to the real packet */
- af = EXTRACT_U_1(&hdr->af);
+ af = GET_U_1(&hdr->af);
length -= hdrlen;
caplen -= hdrlen;
p += hdrlen;
ND_DEFAULTPRINT(p, caplen);
}
- return (hdrlen);
+ ndo->ndo_ll_hdr_len += hdrlen;
+ return;
trunc:
- ND_PRINT((ndo, "%s", tstr));
- return (hdrlen);
+ nd_print_trunc(ndo);
+ ndo->ndo_ll_hdr_len += hdrlen;
+ return;
}
-
-/*
- * Local Variables:
- * c-style: whitesmith
- * c-basic-offset: 8
- * End:
- */
projects / tcpdump / blobdiff