diff options
| author |   bluhm <bluhm@openbsd.org> | 2021-01-12 00:10:34 +0000 |
|---|---|---|
| committer | bluhm <bluhm@openbsd.org> | 2021-01-12 00:10:34 +0000 |
| commit | f6d3bf21b274662ea88e4e2d963249cb83c2035e (patch) | |
| tree | 14a71cc407a0e70c76b0b58797cc90fdab313624 /sbin/pfctl/pfctl_parser.c | |
| parent | Regress and Makefile cleanup. (diff) | |
| download | wireguard-openbsd-f6d3bf21b274662ea88e4e2d963249cb83c2035e.tar.xz wireguard-openbsd-f6d3bf21b274662ea88e4e2d963249cb83c2035e.zip | |
Sometimes a user ID was logged in pflog(4) although the logopt of
the rule did not specify it. Check the option again for the log
rule in case another rule has triggered a socket lookup. Remove
logopt group, it is not documented and cannot work as struct pfloghdr
does not contain a gid. Rename PF_LOG_SOCKET_LOOKUP to PF_LOG_USER
to express what it does. The lookup involved is only an implemntation
detail.
OK kn@ sashan@ mvs@
Diffstat (limited to 'sbin/pfctl/pfctl_parser.c')
| -rw-r--r-- | sbin/pfctl/pfctl_parser.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sbin/pfctl/pfctl_parser.c b/sbin/pfctl/pfctl_parser.c index 03317844e91..4636c143222 100644 --- a/sbin/pfctl/pfctl_parser.c +++ b/sbin/pfctl/pfctl_parser.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfctl_parser.c,v 1.344 2020/12/29 19:50:28 benno Exp $ */ +/* $OpenBSD: pfctl_parser.c,v 1.345 2021/01/12 00:10:34 bluhm Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -795,7 +795,7 @@ print_rule(struct pf_rule *r, const char *anchor_call, int opts) printf("%sall", count++ ? ", " : ""); if (r->log & PF_LOG_MATCHES) printf("%smatches", count++ ? ", " : ""); - if (r->log & PF_LOG_SOCKET_LOOKUP) + if (r->log & PF_LOG_USER) printf("%suser", count++ ? ", " : ""); if (r->logif) printf("%sto pflog%u", count++ ? ", " : "", |