git: 5f840a1758b4 - main - pf: don't clobber log flag
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 04 Jan 2024 22:08:48 UTC
The branch main has been updated by kp:
URL: https://cgit.FreeBSD.org/src/commit/?id=5f840a1758b4bbb4892118f43f40c6487c17aeba
commit 5f840a1758b4bbb4892118f43f40c6487c17aeba
Author: Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2024-01-02 13:54:06 +0000
Commit: Kristof Provost <kp@FreeBSD.org>
CommitDate: 2024-01-04 22:08:08 +0000
pf: don't clobber log flag
If we decide to discard a packet due to unexpected IP options or
unsupported headers we set pd.act.log. However, this can later get
overwritten when we copy the state's saved actions over.
Merge the two log fields to ensure we log as expected.
Sponsored by: Rubicon Communications, LLC ("Netgate")
---
sys/netpfil/pf/pf.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c
index e19370cc7333..9e9743c1e5e0 100644
--- a/sys/netpfil/pf/pf.c
+++ b/sys/netpfil/pf/pf.c
@@ -8210,7 +8210,9 @@ done:
}
if (s) {
+ uint8_t log = pd.act.log;
memcpy(&pd.act, &s->act, sizeof(struct pf_rule_actions));
+ pd.act.log |= log;
tag = s->tag;
rt = s->rt;
} else {
@@ -8819,7 +8821,9 @@ done:
}
if (s) {
+ uint8_t log = pd.act.log;
memcpy(&pd.act, &s->act, sizeof(struct pf_rule_actions));
+ pd.act.log |= log;
tag = s->tag;
rt = s->rt;
} else {