On Sunday 08 July 2007, Guy Harris wrote: > Max Laier wrote: > > the attached makes libpcap and tcpdump use pfvar.h/if_pflog.h from > > the host system (if available) - which is what most people will > > want[*]. > > What most people want, I think, is to be able to capture on the pflog > interface and read pflog files, regardless of how that happens; if that > can be done without using the host system's if_pflog.h, they probably > won't care. > > If the DLT_ value for pflog files were changed every time the pflog > header was changed, that could be done. Unfortunately, that hasn't > happened (at least one OpenBSD change doesn't appear to have been > accompanied by a DLT_ value change), so, at least for formats used in > the past, that can't be fixed. > > Given that, unless the various systems supporting pflog interfaces are > willing to agree to have, in the future, different DLT_ values for > different pflog headers (which would probably mean introducing new DLT_ > values for all systems, so we can start afresh), my inclination would > be to completely omit support for pflog files on systems that don't > have a <net/if_pflog.h> header. (Unfortunately, we can't handle the > case of a pflog file from, for example, OpenBSD 3.4 through 3.7 being > read on OpenBSD 3.8 through 4.1 - the header format changed, but the > DLT_ value didn't - so the only way to detect that is to see that > tcpdump etc. just show junk.) > > As such, I'd be willing to check the change in - if it were modified to > completely remove DLT_PFLOG support if there is no <net/if_pflog.h> > header, as a change to make it handle only headers for the OS and > version on which it's built would imply no support if a given > OS+version doesn't *have* pflog.
Sorry for dropping the ball on this one. Please see attached for the updated diffs. After this "pf.h" can be removed from the sources as it is no longer referenced. Is this what you were thinking about? -- /"\ Best regards, | [EMAIL PROTECTED] \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | [EMAIL PROTECTED] / \ ASCII Ribbon Campaign | Against HTML Mail and News
Index: Makefile.in
===================================================================
RCS file: /tcpdump/master/tcpdump/Makefile.in,v
retrieving revision 1.315
diff -u -r1.315 Makefile.in
--- Makefile.in 29 Aug 2007 12:31:27 -0000 1.315
+++ Makefile.in 3 Sep 2007 20:12:32 -0000
@@ -81,7 +81,7 @@
print-lmp.c print-lspping.c print-lwapp.c \
print-lwres.c print-mobile.c print-mpcp.c print-mpls.c print-msdp.c \
print-nfs.c print-ntp.c print-null.c print-olsr.c print-ospf.c \
- print-pflog.c print-pgm.c print-pim.c print-ppp.c print-pppoe.c \
+ print-pgm.c print-pim.c print-ppp.c print-pppoe.c \
print-pptp.c print-radius.c print-raw.c print-rip.c \
print-rsvp.c print-rx.c print-sctp.c print-sflow.c print-sip.c print-sl.c print-sll.c \
print-slow.c print-snmp.c print-stp.c print-sunatm.c print-sunrpc.c \
Index: config.h.in
===================================================================
RCS file: /tcpdump/master/tcpdump/config.h.in,v
retrieving revision 1.65
diff -u -r1.65 config.h.in
--- config.h.in 3 Jun 2005 22:08:52 -0000 1.65
+++ config.h.in 3 Sep 2007 20:12:32 -0000
@@ -175,6 +175,9 @@
/* Define to 1 if you have the <netdnet/dnetdb.h> header file. */
#undef HAVE_NETDNET_DNETDB_H
+/* Define to 1 if you have the <net/pfvar.h> header file. */
+#undef HAVE_NET_PFVAR_H
+
/* Define to 1 if you have the <netinet/ether.h> header file. */
#undef HAVE_NETINET_ETHER_H
Index: configure
===================================================================
RCS file: /tcpdump/master/tcpdump/configure,v
retrieving revision 1.146
diff -u -r1.146 configure
--- configure 8 Nov 2005 02:59:40 -0000 1.146
+++ configure 3 Sep 2007 20:12:39 -0000
@@ -3428,6 +3428,72 @@
done
+for ac_header in net/pfvar.h
+do
+as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
+echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <net/if.h>
+
+#include <$ac_header>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ eval "$as_ac_Header=yes"
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+eval "$as_ac_Header=no"
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+if test `eval echo '${'$as_ac_Header'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+if test "$ac_cv_header_net_pfvar_h" == yes; then
+ LOCALSRC="print-pflog.c $LOCALSRC"
+fi
+
for ac_header in netinet/if_ether.h
do
as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
Index: configure.in
===================================================================
RCS file: /tcpdump/master/tcpdump/configure.in,v
retrieving revision 1.195
diff -u -r1.195 configure.in
--- configure.in 21 Sep 2005 16:48:00 -0000 1.195
+++ configure.in 3 Sep 2007 20:12:40 -0000
@@ -16,6 +16,12 @@
AC_LBL_C_INLINE
AC_C___ATTRIBUTE__
AC_CHECK_HEADERS(fcntl.h rpc/rpcent.h netdnet/dnetdb.h)
+AC_CHECK_HEADERS(net/pfvar.h, , , [#include <sys/types.h>
+#include <sys/socket.h>
+#include <net/if.h>])
+if test "$ac_cv_header_net_pfvar_h" == yes; then
+ LOCALSRC="print-pflog.c $LOCALSRC"
+fi
AC_CHECK_HEADERS(netinet/if_ether.h, , , [#include <sys/types.h>
#include <sys/socket.h>])
if test "$ac_cv_header_netinet_if_ether_h" != yes; then
Index: print-pflog.c
===================================================================
RCS file: /tcpdump/master/tcpdump/print-pflog.c,v
retrieving revision 1.15
diff -u -r1.15 print-pflog.c
--- print-pflog.c 25 Oct 2006 22:13:10 -0000 1.15
+++ print-pflog.c 3 Sep 2007 20:12:40 -0000
@@ -28,6 +28,15 @@
#include "config.h"
#endif
+#ifndef HAVE_NET_PFVAR_H
+#error "No pf headers available"
+#endif
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <net/if.h>
+#include <net/pfvar.h>
+#include <net/if_pflog.h>
+
#include <tcpdump-stdinc.h>
#include <stdio.h>
@@ -35,7 +44,6 @@
#include "interface.h"
#include "addrtoname.h"
-#include "pf.h"
static struct tok pf_reasons[] = {
{ 0, "0(match)" },
Index: tcpdump.c
===================================================================
RCS file: /tcpdump/master/tcpdump/tcpdump.c,v
retrieving revision 1.269
diff -u -r1.269 tcpdump.c
--- tcpdump.c 5 May 2006 23:13:01 -0000 1.269
+++ tcpdump.c 3 Sep 2007 20:12:41 -0000
@@ -191,7 +191,7 @@
#ifdef DLT_LTALK
{ ltalk_if_print, DLT_LTALK },
#endif
-#ifdef DLT_PFLOG
+#if defined(DLT_PFLOG) && defined(HAVE_NET_PFVAR_H)
{ pflog_if_print, DLT_PFLOG },
#endif
#ifdef DLT_FR
? autom4te.cache
Index: config.h.in
===================================================================
RCS file: /tcpdump/master/libpcap/config.h.in,v
retrieving revision 1.28
diff -u -r1.28 config.h.in
--- config.h.in 15 Jun 2007 17:56:30 -0000 1.28
+++ config.h.in 3 Sep 2007 20:19:44 -0000
@@ -50,6 +50,9 @@
/* Define to 1 if you have the <memory.h> header file. */
#undef HAVE_MEMORY_H
+/* Define to 1 if you have the <net/pfvar.h> header file. */
+#undef HAVE_NET_PFVAR_H
+
/* Define to 1 if you have the <netinet/ether.h> header file. */
#undef HAVE_NETINET_ETHER_H
Index: configure
===================================================================
RCS file: /tcpdump/master/libpcap/configure,v
retrieving revision 1.77
diff -u -r1.77 configure
--- configure 15 Jun 2007 17:56:30 -0000 1.77
+++ configure 3 Sep 2007 20:19:52 -0000
@@ -3669,6 +3669,69 @@
done
+for ac_header in net/pfvar.h
+do
+as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
+echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <net/if.h>
+
+#include <$ac_header>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ eval "$as_ac_Header=yes"
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+eval "$as_ac_Header=no"
+fi
+rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+if test `eval echo '${'$as_ac_Header'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+
for ac_header in netinet/if_ether.h
do
as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
Index: configure.in
===================================================================
RCS file: /tcpdump/master/libpcap/configure.in,v
retrieving revision 1.136
diff -u -r1.136 configure.in
--- configure.in 15 Jun 2007 17:55:50 -0000 1.136
+++ configure.in 3 Sep 2007 20:19:53 -0000
@@ -27,6 +27,9 @@
dnl "AC_LBL_FIXINCLUDES" won't work on some platforms such as Solaris.
dnl
AC_CHECK_HEADERS(sys/ioccom.h sys/sockio.h limits.h paths.h)
+AC_CHECK_HEADERS(net/pfvar.h, , , [#include <sys/types.h>
+#include <sys/socket.h>
+#include <net/if.h>])
AC_CHECK_HEADERS(netinet/if_ether.h, , , [#include <sys/types.h>
#include <sys/socket.h>])
if test "$ac_cv_header_netinet_if_ether_h" != yes; then
Index: gencode.c
===================================================================
RCS file: /tcpdump/master/libpcap/gencode.c,v
retrieving revision 1.284
diff -u -r1.284 gencode.c
--- gencode.c 22 Jun 2007 06:32:06 -0000 1.284
+++ gencode.c 3 Sep 2007 20:19:56 -0000
@@ -73,7 +73,12 @@
#include "ppp.h"
#include "pcap/sll.h"
#include "arcnet.h"
-#include "pf.h"
+#ifdef HAVE_NET_PFVAR_H
+#include <sys/socket.h>
+#include <net/if.h>
+#include <net/pfvar.h>
+#include <net/if_pflog.h>
+#endif
#ifndef offsetof
#define offsetof(s, e) ((size_t)&((s *)0)->e)
#endif
@@ -1175,12 +1180,13 @@
off_nl_nosnap = 44; /* XXX - what does it do with 802.3 packets? */
return;
+#ifdef HAVE_NET_PFVAR_H
case DLT_PFLOG:
off_linktype = 0;
- /* XXX read this from pf.h? */
off_nl = PFLOG_HDRLEN;
off_nl_nosnap = PFLOG_HDRLEN; /* no 802.2 LLC */
return;
+#endif
case DLT_JUNIPER_MFR:
case DLT_JUNIPER_MLFR:
@@ -2441,6 +2447,7 @@
}
return (gen_cmp(OR_LINK, 0, BPF_W, (bpf_int32)proto));
+#ifdef HAVE_NET_PFVAR_H
case DLT_PFLOG:
/*
* af field is host byte order in contrast to the rest of
@@ -2458,6 +2465,7 @@
return gen_false();
/*NOTREACHED*/
break;
+#endif /* HAVE_NET_PFVAR_H */
case DLT_ARCNET:
case DLT_ARCNET_LINUX:
@@ -6390,10 +6398,12 @@
}
break;
+#ifdef HAVE_NET_PFVAR_H
case DLT_PFLOG:
b0 = gen_cmp(OR_LINK, offsetof(struct pfloghdr, dir), BPF_B,
(bpf_int32)((dir == 0) ? PF_IN : PF_OUT));
break;
+#endif
case DLT_PPP_PPPD:
if (dir) {
@@ -6442,6 +6452,7 @@
return (b0);
}
+#ifdef HAVE_NET_PFVAR_H
/* PF firewall log matched interface */
struct block *
gen_pf_ifname(const char *ifname)
@@ -6549,6 +6560,55 @@
(bpf_int32)action);
return (b0);
}
+#else /* !HAVE_NET_PFVAR_H */
+struct block *
+gen_pf_rnr(int rnr)
+{
+ bpf_error("compiled without pf support");
+ /* NOTREACHED */
+ return (NULL);
+}
+
+struct block *
+gen_pf_ruleset(char *ruleset)
+{
+ bpf_error("compiled without pf support");
+ /* NOTREACHED */
+ return (NULL);
+}
+
+struct block *
+gen_pf_rnr(int rnr)
+{
+ bpf_error("compiled without pf support");
+ /* NOTREACHED */
+ return (NULL);
+}
+
+struct block *
+gen_pf_srnr(int srnr)
+{
+ bpf_error("compiled without pf support");
+ /* NOTREACHED */
+ return (NULL);
+}
+
+struct block *
+gen_pf_reason(int reason)
+{
+ bpf_error("compiled without pf support");
+ /* NOTREACHED */
+ return (NULL);
+}
+
+struct block *
+gen_pf_action(int action)
+{
+ bpf_error("compiled without pf support");
+ /* NOTREACHED */
+ return (NULL);
+}
+#endif /* HAVE_NET_PFVAR_H */
/* IEEE 802.11 wireless header */
struct block *
Index: grammar.y
===================================================================
RCS file: /tcpdump/master/libpcap/grammar.y,v
retrieving revision 1.97
diff -u -r1.97 grammar.y
--- grammar.y 11 Jun 2007 10:04:25 -0000 1.97
+++ grammar.y 3 Sep 2007 20:19:56 -0000
@@ -52,7 +52,11 @@
#include "pcap-int.h"
#include "gencode.h"
-#include "pf.h"
+#ifdef HAVE_NET_PFVAR_H
+#include <net/if.h>
+#include <net/pfvar.h>
+#include <net/if_pflog.h>
+#endif
#include "ieee80211.h"
#include <pcap/namedb.h>
signature.asc
Description: This is a digitally signed message part.
