upstream/oracle/userland-gate: components/pflogd/patches/001-solaris.patch@f678cc44b3d0 (annotated)

5565 f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	1	# This patch comes from Oracle. It fixes issues preventing pflogd
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	2	# from building and running on Solaris. Especially, we:
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	3	# - make it read packets from Solaris-specific capture links instead
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	4	# of OpenBSD's pflog interfaces
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	5	# - introduce our own pcap_pkthdr structure as the one used by
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	6	# upstream would result in corrupted packet dump files on Solaris
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	7	# - use Solaris-specific random number generator
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	8	#
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	9	# This patch is not going to upstream, the changes are Solaris-specific.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	10
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	11	diff -Naur ORIGINAL/Makefile pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/Makefile
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	12	--- ORIGINAL/Makefile 2013-06-18 20:51:30.000000000 -0700
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	13	+++ pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/Makefile 2016-02-17 02:08:53.410106245 -0800
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	14	@@ -1,15 +1,28 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	15	# $OpenBSD: Makefile,v 1.9 2013/06/19 03:51:30 lteo Exp $
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	16
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	17	-CFLAGS+=-Wall -Wmissing-prototypes -Wshadow
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	18	+CFLAGS+= -m64 -errwarn
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	19
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	20	-# for pcap-int.h
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	21	-CFLAGS+=-I${.CURDIR}/../../lib/libpcap
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	22	+PROG=pflogd
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	23	+SRCS=pflogd.c privsep.c privsep_fdpass.c
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	24	+OBJS=$(SRCS:.c=.o)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	25	+MAN=pflogd.8
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	26
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	27	-LDADD+= -lpcap
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	28	-DPADD+= ${LIBPCAP}
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	29	+LDADD+=-lpcap -ldladm -luutil
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	30
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	31	-PROG= pflogd
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	32	-SRCS= pflogd.c privsep.c privsep_fdpass.c
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	33	-MAN= pflogd.8
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	34	+all: $(SRCS) $(PROG)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	35
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	36	-.include <bsd.prog.mk>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	37	+install: $(PROG)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	38	+ $(INSTALL) -d $(PREFIX)/sbin
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	39	+ $(INSTALL) -m 755 $(PROG) $(PREFIX)/sbin
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	40	+ $(INSTALL) -d $(MANDIR)/man8
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	41	+ $(INSTALL) -m 644 $(MAN) $(MANDIR)/man8
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	42	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	43	+$(PROG): $(OBJS)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	44	+ $(CC) $(CFLAGS) $(OBJS) -o $@ $(LDADD)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	45	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	46	+.c.o:
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	47	+ $(CC) $(CFLAGS) -c -o $@ $<
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	48	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	49	+clean:
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	50	+ rm -rf *.o
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	51	+ rm -rf $(PROG)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	52	diff -Naur ORIGINAL/pflogd.8 pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/pflogd.8
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	53	--- ORIGINAL/pflogd.8 2014-01-20 19:15:45.000000000 -0800
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	54	+++ pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/pflogd.8 2016-02-17 02:32:29.857912548 -0800
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	55	@@ -44,15 +44,15 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	56	.Nm
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	57	is a background daemon which reads packets logged by
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	58	.Xr pf 4
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	59	-to a
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	60	-.Xr pflog 4
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	61	-interface, normally
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	62	+to a dedicated capture link interface (see
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	63	+.Xr dladm 1M
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	64	+for details), normally
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	65	.Pa pflog0 ,
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	66	and writes the packets to a logfile (normally
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	67	-.Pa /var/log/pflog )
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	68	-in
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	69	-.Xr tcpdump 8
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	70	-binary format.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	71	+.Pa /var/log/firewall/pflog/pflog0.pkt )
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	72	+in libpcap format (see
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	73	+.Xr PCAP 3pcap
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	74	+for details).
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	75	These logs can be reviewed later using the
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	76	.Fl r
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	77	option of
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	78	@@ -63,9 +63,7 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	79	.Nm
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	80	closes and then re-opens the log file when it receives
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	81	.Dv SIGHUP ,
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	82	-permitting
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	83	-.Xr newsyslog 8
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	84	-to rotate logfiles automatically.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	85	+permitting convenient log rotation.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	86	.Dv SIGALRM
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	87	causes
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	88	.Nm
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	89	@@ -96,7 +94,7 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	90	.Pp
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	91	.Nm
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	92	will also log the pcap statistics for the
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	93	-.Xr pflog 4
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	94	+capture link
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	95	interface to syslog when a
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	96	.Dv SIGUSR1
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	97	is received.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	98	@@ -113,12 +111,8 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	99	If not specified, the default is 60 seconds.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	100	.It Fl f Ar filename
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	101	Log output filename.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	102	-Default is
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	103	-.Pa /var/log/pflog .
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	104	.It Fl i Ar interface
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	105	-Specifies the
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	106	-.Xr pflog 4
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	107	-interface to use.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	108	+Specifies the capture link interface to use.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	109	By default,
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	110	.Nm
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	111	will use
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	112	@@ -172,7 +166,7 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	113	.El
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	114	.Sh FILES
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	115	.Bl -tag -width /var/run/pflogd.pid -compact
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	116	-.It Pa /var/log/pflog
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	117	+.It Pa /var/log/firewall/pflog/pflog0.pkt
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	118	Default log file.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	119	.El
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	120	.Sh EXAMPLES
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	121	@@ -185,7 +179,7 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	122	.Ed
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	123	.Pp
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	124	Log from another
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	125	-.Xr pflog 4
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	126	+capture link
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	127	interface, excluding specific packets:
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	128	.Bd -literal -offset indent
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	129	# pflogd -i pflog3 -f network3.log "not (tcp and port 23)"
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	130	@@ -193,7 +187,7 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	131	.Pp
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	132	Display binary logs:
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	133	.Bd -literal -offset indent
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	134	-# tcpdump -n -e -ttt -r /var/log/pflog
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	135	+# tcpdump -n -e -ttt -r /var/log/firewall/pflog/pflog3.pkt
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	136	.Ed
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	137	.Pp
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	138	Display the logs in real time (this does not interfere with the
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	139	@@ -210,16 +204,18 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	140	.Ed
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	141	.Sh SEE ALSO
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	142	.Xr pcap 3 ,
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	143	-.Xr pf 4 ,
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	144	-.Xr pflog 4 ,
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	145	.Xr pf.conf 5 ,
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	146	-.Xr newsyslog 8 ,
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	147	+.Xr privileges 5 ,
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	148	+.Xr smf 5 ,
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	149	.Xr tcpdump 8
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	150	.Sh HISTORY
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	151	The
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	152	.Nm
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	153	command appeared in
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	154	.Ox 3.0 .
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	155	+The Solaris version is based on
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	156	+.Nm
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	157	+found in OpenBSD 5.5.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	158	.Sh AUTHORS
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	159	.Nm
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	160	was written by
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	161	diff -Naur ORIGINAL/pflogd.c pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/pflogd.c
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	162	--- ORIGINAL/pflogd.c 2012-11-05 18:50:47.000000000 -0800
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	163	+++ pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/pflogd.c 2016-02-18 12:05:03.256562087 -0800
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	164	@@ -48,7 +48,15 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	165	#include <errno.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	166	#include <stdarg.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	167	#include <fcntl.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	168	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	169	+#include <libdladm.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	170	+#include <libnetcfg.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	171	+#include <strings.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	172	+#include <zone.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	173	+#include <libuutil.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	174	+#else /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	175	#include <util.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	176	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	177	#include "pflogd.h"
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	178
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	179	pcap_t *hpcap;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	180	@@ -88,6 +96,34 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	181	void sig_hup(int);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	182	void usage(void);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	183
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	184	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	185	+/*
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	186	+ * setproctitle() is found in libc on OpenBSD. It allows program to update its
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	187	+ * process name. It will be an empty macro on Solaris.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	188	+ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	189	+#define setproctitle(...)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	190	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	191	+/*
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	192	+ * __dead attribute will be an empty macro on Solaris.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	193	+ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	194	+#define __dead
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	195	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	196	+/*
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	197	+ * We must define our own pcap_pkthdr to ensure timeval structure will be
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	198	+ * defined in 32-bit version. Not doing so will result in corrupted packet dump
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	199	+ * file produced by pflogd on Solaris.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	200	+ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	201	+typedef struct pcap_pkthdr_file {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	202	+ struct {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	203	+ uint32_t tv_sec;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	204	+ uint32_t tv_usec;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	205	+ } ts;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	206	+ uint32_t caplen;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	207	+ uint32_t len;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	208	+} pcap_pkthdr_file_t;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	209	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	210	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	211	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	212	static int try_reset_dump(int);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	213
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	214	/* buffer must always be greater than snaplen */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	215	@@ -191,11 +227,13 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	216	{
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	217	struct bpf_program bprog;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	218
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	219	- if (pcap_compile(hpcap, &bprog, filter, PCAP_OPT_FIL, 0) < 0)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	220	+ if (pcap_compile(hpcap, &bprog, filter, PCAP_OPT_FIL, 0) < 0) {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	221	logmsg(LOG_WARNING, "%s", pcap_geterr(hpcap));
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	222	- else {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	223	+ logmsg(LOG_WARNING, "for filter:\n\t%s\nNo filter set.\n", filter);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	224	+ } else {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	225	if (pcap_setfilter(hpcap, &bprog) < 0)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	226	- logmsg(LOG_WARNING, "%s", pcap_geterr(hpcap));
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	227	+ logmsg(LOG_WARNING, "%s\nNo filter set.\n",
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	228	+ pcap_geterr(hpcap));
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	229	pcap_freecode(&bprog);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	230	}
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	231	}
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	232	@@ -203,6 +241,31 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	233	int
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	234	if_exists(char *ifname)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	235	{
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	236	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	237	+ dladm_handle_t dlh;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	238	+ datalink_id_t linkid;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	239	+ zoneid_t zid = getzoneid();
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	240	+ dladm_status_t dls;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	241	+ int rv = 0;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	242	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	243	+ if (!dladm_valid_linkname(ifname) \|\|
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	244	+ (dladm_open(&dlh) != DLADM_STATUS_OK)) {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	245	+ errno = ENXIO;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	246	+ return (rv);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	247	+ }
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	248	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	249	+ dls = dladm_apply_linknamefilters(dlh, ifname, &linkid, 1, &zid,
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	250	+ DLADM_OPT_ACTIVE, zid, NULL);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	251	+ if ((dls == DLADM_STATUS_OK) && (linkid != DATALINK_INVALID_LINKID)) {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	252	+ rv = 1;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	253	+ }
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	254	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	255	+ dladm_close(dlh);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	256	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	257	+ errno = (rv == 1) ? 0 : ENXIO;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	258	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	259	+ return (rv);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	260	+#else /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	261	int s, ret = 1;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	262	struct ifreq ifr;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	263	struct if_data ifrdat;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	264	@@ -220,6 +283,7 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	265	err(1, "close");
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	266
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	267	return (ret);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	268	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	269	}
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	270
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	271	int
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	272	@@ -243,10 +307,15 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	273	cur_snaplen = snaplen = pcap_snapshot(hpcap);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	274
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	275	/* lock */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	276	+/*
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	277	+ * BIOCLOCK operation is not implmented on Solaris.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	278	+ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	279	+#ifndef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	280	if (ioctl(pcap_fileno(hpcap), BIOCLOCK) < 0) {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	281	logmsg(LOG_ERR, "BIOCLOCK: %s", strerror(errno));
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	282	return (-1);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	283	}
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	284	+#endif /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	285
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	286	return (0);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	287	}
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	288	@@ -371,7 +440,11 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	289	scan_dump(FILE *fp, off_t size)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	290	{
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	291	struct pcap_file_header hdr;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	292	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	293	+ struct pcap_pkthdr_file ph;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	294	+#else /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	295	struct pcap_pkthdr ph;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	296	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	297	off_t pos;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	298
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	299	/*
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	300	@@ -440,13 +513,26 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	301	dump_packet_nobuf(u_char user, const struct pcap_pkthdr h, const u_char *sp)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	302	{
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	303	FILE f = (FILE )user;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	304	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	305	+ struct pcap_pkthdr_file h_file;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	306	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	307
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	308	if (suspended) {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	309	packets_dropped++;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	310	return;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	311	}
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	312
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	313	- if (fwrite((char )h, sizeof(h), 1, f) != 1) {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	314	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	315	+ h_file.ts.tv_sec = (uint32_t)h->ts.tv_sec;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	316	+ h_file.ts.tv_usec = (uint32_t)h->ts.tv_usec;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	317	+ h_file.caplen = h->caplen;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	318	+ h_file.len = h->len;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	319	+ if (fwrite((char *)&h_file, sizeof (h_file), 1, f) != 1)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	320	+#else /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	321	+ if (fwrite((char )h, sizeof(h), 1, f) != 1)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	322	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	323	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	324	+ {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	325	off_t pos = ftello(f);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	326
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	327	/* try to undo header to prevent corruption */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	328	@@ -520,9 +606,32 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	329	dump_packet(u_char user, const struct pcap_pkthdr h, const u_char *sp)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	330	{
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	331	FILE f = (FILE )user;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	332	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	333	+ struct pcap_pkthdr_file h_file;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	334	+ size_t len = sizeof (h_file) + h->caplen;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	335	+#else /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	336	size_t len = sizeof(*h) + h->caplen;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	337	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	338
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	339	- if (len < sizeof(*h) \|\| h->caplen > (size_t)cur_snaplen) {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	340	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	341	+ /*
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	342	+ * Member ts is struct timeval defined in sys/time.h. Solaris uses
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	343	+ * 64-bit version for tv_sec, tv_usec. 64-bit members are not
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	344	+ * compatible with pcap file format, hence we must convert them to
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	345	+ * 32-bits.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	346	+ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	347	+ h_file.ts.tv_sec = (uint32_t)h->ts.tv_sec;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	348	+ h_file.ts.tv_usec = (uint32_t)h->ts.tv_usec;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	349	+ h_file.caplen = h->caplen;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	350	+ h_file.len = h->len;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	351	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	352	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	353	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	354	+ if (len < sizeof(h_file) \|\| h_file.caplen > (size_t)cur_snaplen)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	355	+#else /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	356	+ if (len < sizeof(*h) \|\| h->caplen > (size_t)cur_snaplen)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	357	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	358	+ {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	359	logmsg(LOG_NOTICE, "invalid size %zu (%d/%d), packet dropped",
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	360	len, cur_snaplen, snaplen);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	361	packets_dropped++;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	362	@@ -548,8 +657,13 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	363	}
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	364
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	365	append:
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	366	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	367	+ (void) memcpy(bufpos, &h_file, sizeof (h_file));
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	368	+ (void) memcpy(bufpos + sizeof (h_file), sp, h->caplen);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	369	+#else /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	370	memcpy(bufpos, h, sizeof(*h));
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	371	memcpy(bufpos + sizeof(*h), sp, h->caplen);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	372	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	373
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	374	bufpos += len;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	375	bufleft -= len;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	376	@@ -611,7 +725,6 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	377	default:
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	378	usage();
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	379	}
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	380	-
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	381	}
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	382
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	383	log_debug = Debug;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	384	@@ -658,12 +771,25 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	385
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	386	setproctitle("[initializing]");
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	387	/* Process is now unprivileged and inside a chroot */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	388	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	389	+ /*
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	390	+ * We have to use sigset() on Solaris, since signal() resets sig.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	391	+ * handler to default as soon as particular signal is delivered.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	392	+ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	393	+ sigset(SIGTERM, sig_close);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	394	+ sigset(SIGINT, sig_close);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	395	+ sigset(SIGQUIT, sig_close);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	396	+ sigset(SIGALRM, sig_alrm);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	397	+ sigset(SIGUSR1, sig_usr1);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	398	+ sigset(SIGHUP, sig_hup);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	399	+#else /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	400	signal(SIGTERM, sig_close);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	401	signal(SIGINT, sig_close);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	402	signal(SIGQUIT, sig_close);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	403	signal(SIGALRM, sig_alrm);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	404	signal(SIGUSR1, sig_usr1);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	405	signal(SIGHUP, sig_hup);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	406	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	407	alarm(delay);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	408
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	409	buffer = malloc(PFLOGD_BUFSIZE);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	410	@@ -696,7 +822,7 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	411	ret = -1;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	412	break;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	413	}
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	414	- logmsg(LOG_NOTICE, "%s", pcap_geterr(hpcap));
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	415	+ logmsg(LOG_NOTICE, "pcap says: %s", pcap_geterr(hpcap));
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	416	}
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	417
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	418	if (gotsig_close)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	419	diff -Naur ORIGINAL/pflogd.h pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/pflogd.h
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	420	--- ORIGINAL/pflogd.h 2010-09-20 22:56:58.000000000 -0700
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	421	+++ pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/pflogd.h 2016-02-18 12:08:42.414919276 -0800
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	422	@@ -16,7 +16,11 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	423	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	424	*/
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	425
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	426	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	427	+#include <limits.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	428	+#else /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	429	#include <sys/limits.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	430	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	431	#include <pcap.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	432
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	433	#define DEF_SNAPLEN 160 /* pfloghdr + ip hdr + proto hdr fit usually */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	434	@@ -25,7 +29,12 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	435	#define PCAP_OPT_FIL 1 /* filter optimization */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	436	#define FLUSH_DELAY 60 /* flush delay */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	437
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	438	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	439	+#define PFLOGD_LOG_DIR "/var/log/firewall/pflog"
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	440	+#define PFLOGD_LOG_FILE "pflog.pkt"
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	441	+#else /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	442	#define PFLOGD_LOG_FILE "/var/log/pflog"
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	443	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	444	#define PFLOGD_DEFAULT_IF "pflog0"
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	445
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	446	#define PFLOGD_MAXSNAPLEN INT_MAX
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	447	diff -Naur ORIGINAL/privsep.c pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/privsep.c
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	448	--- ORIGINAL/privsep.c 2013-09-13 01:49:17.000000000 -0700
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	449	+++ pflogd-OPENBSD_5_5-OPENBSD_5_5.pre-smf/privsep.c 2016-02-18 12:07:34.219667793 -0800
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	450	@@ -28,8 +28,6 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	451	#include <errno.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	452	#include <fcntl.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	453	#include <limits.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	454	-#include <pcap.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	455	-#include <pcap-int.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	456	#include <pwd.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	457	#include <signal.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	458	#include <stdio.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	459	@@ -38,6 +36,34 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	460	#include <syslog.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	461	#include <unistd.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	462	#include "pflogd.h"
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	463	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	464	+#include <priv.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	465	+#include <stdlib.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	466	+#include <sys/types.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	467	+#include <time.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	468	+#include <sys/random.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	469	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	470	+/*
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	471	+ * It's better to include these after other header files.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	472	+ * pcap-int.h defines strlcpy() as macro if it is undefined.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	473	+ * In our case strlcpy() comes from string.h.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	474	+ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	475	+#define HAVE_SNPRINTF 1
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	476	+#include <pcap.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	477	+#include <pcap-int.h>
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	478	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	479	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	480	+#define _NSIG 27
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	481	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	482	+/*
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	483	+ * setproctitle() is found in libc on OpenBSD. It allows program to update its
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	484	+ * process name. It will empty macro on Solaris.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	485	+ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	486	+#define setproctitle(...)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	487	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	488	+#else /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	489	+#define PFLOGD_USER "_pflogd"
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	490	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	491
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	492	enum cmd_types {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	493	PRIV_SET_SNAPLEN, /* set the snaplength */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	494	@@ -67,7 +93,9 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	495	{
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	496	int i, fd, socks[2], cmd;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	497	int snaplen, ret, olderrno;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	498	+#ifndef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	499	struct passwd *pw;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	500	+#endif /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	501
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	502	for (i = 1; i < _NSIG; i++)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	503	signal(i, SIG_DFL);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	504	@@ -76,16 +104,19 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	505	if (socketpair(AF_LOCAL, SOCK_STREAM, PF_UNSPEC, socks) == -1)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	506	err(1, "socketpair() failed");
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	507
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	508	+#ifndef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	509	pw = getpwnam("_pflogd");
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	510	if (pw == NULL)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	511	errx(1, "unknown user _pflogd");
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	512	endpwent();
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	513	+#endif /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	514
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	515	child_pid = fork();
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	516	if (child_pid < 0)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	517	err(1, "fork() failed");
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	518
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	519	if (!child_pid) {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	520	+#ifndef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	521	gid_t gidset[1];
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	522
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	523	/* Child - drop privileges and return */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	524	@@ -101,6 +132,8 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	525	err(1, "setgroups() failed");
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	526	if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1)
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	527	err(1, "setresuid() failed");
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	528	+#endif /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	529	+
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	530	close(socks[0]);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	531	priv_fd = socks[1];
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	532	return 0;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	533	@@ -108,19 +141,34 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	534
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	535	/* Father */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	536	/* Pass ALRM/TERM/HUP/INT/QUIT through to child, and accept CHLD */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	537	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	538	+ /*
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	539	+ * We have to use sigset() on Solaris, since signal() resets sig.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	540	+ * handler to default as soon as particular signal is delivered.
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	541	+ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	542	+ sigset(SIGALRM, sig_pass_to_chld);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	543	+ sigset(SIGTERM, sig_pass_to_chld);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	544	+ sigset(SIGHUP, sig_pass_to_chld);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	545	+ sigset(SIGINT, sig_pass_to_chld);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	546	+ sigset(SIGQUIT, sig_pass_to_chld);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	547	+ sigset(SIGCHLD, sig_chld);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	548	+#else /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	549	signal(SIGALRM, sig_pass_to_chld);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	550	signal(SIGTERM, sig_pass_to_chld);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	551	signal(SIGHUP, sig_pass_to_chld);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	552	signal(SIGINT, sig_pass_to_chld);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	553	signal(SIGQUIT, sig_pass_to_chld);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	554	signal(SIGCHLD, sig_chld);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	555	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	556
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	557	setproctitle("[priv]");
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	558	close(socks[1]);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	559
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	560	while (!gotsig_chld) {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	561	- if (may_read(socks[0], &cmd, sizeof(int)))
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	562	+ if (may_read(socks[0], &cmd, sizeof(int))) {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	563	+ logmsg(LOG_ERR, "may_read: fails\n");
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	564	break;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	565	+ }
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	566	switch (cmd) {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	567	case PRIV_SET_SNAPLEN:
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	568	logmsg(LOG_DEBUG,
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	569	@@ -192,9 +240,20 @@
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	570
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	571	for (;;) {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	572	int fd;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	573	+#ifdef _SOLARIS_
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	574	+ uint32_t rand;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	575
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	576	+ if (getrandom(&rand, sizeof (rand), GRND_NONBLOCK) !=
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	577	+ sizeof (rand)) {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	578	+ logmsg(LOG_ERR, "getrandom() failed");
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	579	+ return 1;
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	580	+ }
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	581	+ len = snprintf(ren, sizeof(ren), "%s.bad.%08x",
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	582	+ name, rand);
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	583	+#else /* !_SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	584	len = snprintf(ren, sizeof(ren), "%s.bad.%08x",
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	585	name, arc4random());
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	586	+#endif /* _SOLARIS_ */
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	587	if (len >= sizeof(ren)) {
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	588	logmsg(LOG_ERR, "[priv] new name too long");
f678cc44b3d0 PSARC/2014/291 PFLOGD: Packet Logging for PF Petr Hoffmann <petr.hoffmann@oracle.com> parents: diff changeset	589	return (1);

author	Petr Hoffmann <petr.hoffmann@oracle.com>
	Tue, 08 Mar 2016 22:31:41 -0800
changeset 5565	f678cc44b3d0
child 5826	9c90e4a8156c
permissions	-rw-r--r--