0001-pflogd-Make-pflogd-recognize-previous-logfile.patch

peeter, 05/06/2014 08:56 PM

Download (3.79 KB)

View differences:

usr.sbin/pflogd/pflogd.c
63 63
static int snaplen = DEF_SNAPLEN;
64 64
static int cur_snaplen = DEF_SNAPLEN;
65 65

  
66
volatile sig_atomic_t gotsig_close, gotsig_alrm, gotsig_hup;
66
volatile sig_atomic_t gotsig_close, gotsig_alrm, gotsig_hup, gotsig_usr1;
67 67

  
68 68
const char *filename = PFLOGD_LOG_FILE;
69 69
const char *interface = PFLOGD_DEFAULT_IF;
......
77 77
char *copy_argv(char * const *);
78 78
void  dump_packet(u_char *, const struct pcap_pkthdr *, const u_char *);
79 79
void  dump_packet_nobuf(u_char *, const struct pcap_pkthdr *, const u_char *);
80
void  log_pcap_stats(void);
80 81
int   flush_buffer(FILE *);
81 82
int   if_exists(char *);
82 83
int   init_pcap(void);
84
void  logmsg(int, const char *, ...);
83 85
void  purge_buffer(void);
84 86
int   reset_dump(int);
85 87
int   scan_dump(FILE *, off_t);
86 88
int   set_snaplen(int);
87 89
void  set_suspended(int);
88 90
void  sig_alrm(int);
91
void  sig_usr1(int);
89 92
void  sig_close(int);
90 93
void  sig_hup(int);
91 94
void  usage(void);
......
183 186
}
184 187

  
185 188
void
189
sig_usr1(int sig __unused)
190
{
191
	gotsig_usr1 = 1;
192
}
193

  
194
void
186 195
set_pcap_filter(void)
187 196
{
188 197
	struct bpf_program bprog;
......
372 381
scan_dump(FILE *fp, off_t size)
373 382
{
374 383
	struct pcap_file_header hdr;
375
	struct pcap_pkthdr ph;
384
	struct pcap_sf_pkthdr ph;
376 385
	off_t pos;
377 386

  
378 387
	/*
......
383 392
	 *
384 393
	 * XXX this may take a long time for large logs.
385 394
	 */
386
	fseek(fp, 0L, SEEK_SET);
395
	(void) fseek(fp, 0L, SEEK_SET);
387 396

  
388 397
	if (fread((char *)&hdr, sizeof(hdr), 1, fp) != 1) {
389 398
		logmsg(LOG_ERR, "Short file header");
......
571 580
	return;
572 581
}
573 582

  
583

  
584
void
585
log_pcap_stats(void)
586
{
587
	struct pcap_stat pstat;
588
	if (pcap_stats(hpcap, &pstat) < 0)
589
		logmsg(LOG_WARNING, "Reading stats: %s", pcap_geterr(hpcap));
590
	else
591
		logmsg(LOG_NOTICE,
592
               "%u packets received, %u/%ld dropped (kernel/pflogd)",
593
               pstat.ps_recv, pstat.ps_drop, packets_dropped);
594
}
595

  
574 596
int
575 597
main(int argc, char **argv)
576 598
{
577
	struct pcap_stat pstat;
578 599
	int ch, np, ret, Xflag = 0;
579 600
	pcap_handler phandler = dump_packet;
580 601
	const char *errstr = NULL;
......
646 667
		pidfile_write(pfh);
647 668
	}
648 669

  
649
	umask(S_IRWXG | S_IRWXO);
670
	tzset();
671
	(void)umask(S_IRWXG | S_IRWXO);
650 672

  
651 673
	/* filter will be used by the privileged process */
652 674
	if (argc) {
......
673 695
	signal(SIGINT, sig_close);
674 696
	signal(SIGQUIT, sig_close);
675 697
	signal(SIGALRM, sig_alrm);
698
	signal(SIGUSR1, sig_usr1);
676 699
	signal(SIGHUP, sig_hup);
677 700
	alarm(delay);
678 701

  
......
728 751
			gotsig_alrm = 0;
729 752
			alarm(delay);
730 753
		}
754

  
755
		if (gotsig_usr1) {
756
			log_pcap_stats();
757
			gotsig_usr1 = 0;
758
		}
731 759
	}
732 760

  
733 761
	logmsg(LOG_NOTICE, "Exiting");
......
737 765
	}
738 766
	purge_buffer();
739 767

  
740
	if (pcap_stats(hpcap, &pstat) < 0)
741
		logmsg(LOG_WARNING, "Reading stats: %s", pcap_geterr(hpcap));
742
	else
743
		logmsg(LOG_NOTICE,
744
		    "%u packets received, %u/%ld dropped (kernel/pflogd)",
745
		    pstat.ps_recv, pstat.ps_drop, packets_dropped);
746

  
768
	log_pcap_stats();
747 769
	pcap_close(hpcap);
748 770
	if (!Debug)
749 771
		closelog();
750
-