misc/71096: pflogd doesn't write valid pcap savefiles on 64-bit
architectures
Ville-Pertti Keinonen
will at iki.fi
Sun Aug 29 02:50:09 PDT 2004
>Number: 71096
>Category: misc
>Synopsis: pflogd doesn't write valid pcap savefiles on 64-bit architectures
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Aug 29 09:50:08 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: Ville-Pertti Keinonen
>Release: 6.0-current
>Organization:
>Environment:
FreeBSD [hostname] 6.0-CURRENT FreeBSD 6.0-CURRENT #0: Sun Aug 29 11:59:34 EEST 2004 root@[hostname]:/usr/obj/usr/src/sys/CRASH amd64
>Description:
pflogd is storing instances of struct pcap_pkthdr where it should be storing instances of struct pcap_sf_pkthdr. On 64-bit architectures, this includes native-sized struct timevals, causing programs that read pcap savefiles (tcpdump, ethereal) to be unable to read /var/log/pflog.
Additionally, /etc/rc.d/pflog is broken, as it tries to load a kernel module called pflog, but the functionality is present in a module called pf.
>How-To-Repeat:
See full description.
>Fix:
http://will.iki.fi/patches/pflogd.diff
s/kldload pflog/kldload pf/ in /etc/rc.d/pflog
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list