add a "u_int8_t logif" to struct pfrule to select to which pflog interface

logs go. ok mcbride
author: henning <henning@openbsd.org> 2006-10-25 11:26:47 +0000
committer: henning <henning@openbsd.org> 2006-10-25 11:26:47 +0000
commit: 30ee11ac04e1967f5012b71a830150190b3c108c (patch)
tree: 034145a032cc675ff4966a85b02b1d7f2b221f3c /sys/net/pf_ioctl.c
parent: another hiding AF_NS leftover, spotted by jmc (diff)
download: wireguard-openbsd-30ee11ac04e1967f5012b71a830150190b3c108c.tar.xz
wireguard-openbsd-30ee11ac04e1967f5012b71a830150190b3c108c.zip
1 files changed, 9 insertions, 1 deletions
diff --git a/sys/net/pf_ioctl.c b/sys/net/pf_ioctl.c
index 979cd3535d0..f3b929dcc76 100644
--- a/sys/net/pf_ioctl.c
+++ b/sys/net/pf_ioctl.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pf_ioctl.c,v 1.169 2006/08/30 11:31:02 djm Exp $ */
+/*	$OpenBSD: pf_ioctl.c,v 1.170 2006/10/25 11:26:47 henning Exp $ */
 
 /*
  * Copyright (c) 2001 Daniel Hartmeier
@@ -72,6 +72,10 @@
 #include <net/if_pfsync.h>
 #endif /* NPFSYNC > 0 */
 
+#if NPFLOG > 0
+#include <net/if_pflog.h>
+#endif /* NPFLOG > 0 */
+
 #ifdef INET6
 #include <netinet/ip6.h>
 #include <netinet/in_pcb.h>
@@ -1419,6 +1423,10 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
 				error = EBUSY;
 		if (rule->rt && !rule->direction)
 			error = EINVAL;
+#if NPFLOG > 0
+		if (rule->logif >= PFLOGIFS_MAX)
+			error = EINVAL;
+#endif
 		if (pf_rtlabel_add(&rule->src.addr) ||
 		    pf_rtlabel_add(&rule->dst.addr))
 			error = EBUSY;
author	henning <henning@openbsd.org>	2006-10-25 11:26:47 +0000
committer	henning <henning@openbsd.org>	2006-10-25 11:26:47 +0000
commit	30ee11ac04e1967f5012b71a830150190b3c108c (patch)
tree	034145a032cc675ff4966a85b02b1d7f2b221f3c /sys/net/pf_ioctl.c
parent	another hiding AF_NS leftover, spotted by jmc (diff)
download	wireguard-openbsd-30ee11ac04e1967f5012b71a830150190b3c108c.tar.xz wireguard-openbsd-30ee11ac04e1967f5012b71a830150190b3c108c.zip