git: 5f840a1758b4 - main - pf: don't clobber log flag
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 04 Jan 2024 22:08:48 UTC
The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=5f840a1758b4bbb4892118f43f40c6487c17aeba commit 5f840a1758b4bbb4892118f43f40c6487c17aeba Author: Kristof Provost <kp@FreeBSD.org> AuthorDate: 2024-01-02 13:54:06 +0000 Commit: Kristof Provost <kp@FreeBSD.org> CommitDate: 2024-01-04 22:08:08 +0000 pf: don't clobber log flag If we decide to discard a packet due to unexpected IP options or unsupported headers we set pd.act.log. However, this can later get overwritten when we copy the state's saved actions over. Merge the two log fields to ensure we log as expected. Sponsored by: Rubicon Communications, LLC ("Netgate") --- sys/netpfil/pf/pf.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c index e19370cc7333..9e9743c1e5e0 100644 --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -8210,7 +8210,9 @@ done: } if (s) { + uint8_t log = pd.act.log; memcpy(&pd.act, &s->act, sizeof(struct pf_rule_actions)); + pd.act.log |= log; tag = s->tag; rt = s->rt; } else { @@ -8819,7 +8821,9 @@ done: } if (s) { + uint8_t log = pd.act.log; memcpy(&pd.act, &s->act, sizeof(struct pf_rule_actions)); + pd.act.log |= log; tag = s->tag; rt = s->rt; } else {