Re: [PATCH 1/4] Netfilter: Merge ipt_LOG and ip6_LOG into xt_LOG
From: Richard Weinberger
Date: Thu Mar 01 2012 - 16:39:30 EST
Am 01.03.2012 12:27, schrieb Pablo Neira Ayuso:
> While merging ipt_LOG and ip6t_LOG, you introduced some bug that
> corrupts the log line. Note the extra PROTO=, I don't have any UDPLITE
> traffic here.
>
> Looks like a missing break in one switch.
I got confused by my own logic. :-\
Does the attached patch fix the issue?
It's based on "Netfilter: xt_LOG: Add timestamp support".
Thanks,
//richard
diff --git a/net/netfilter/xt_LOG.c b/net/netfilter/xt_LOG.c
index 4e392cf..019fb64 100644
--- a/net/netfilter/xt_LOG.c
+++ b/net/netfilter/xt_LOG.c
@@ -269,12 +269,14 @@ static void dump_ipv4_packet(struct sbuff *m,
ntohs(ih->frag_off) & IP_OFFSET,
iphoff+ih->ihl*4, logflags))
return;
+ break;
case IPPROTO_UDP:
case IPPROTO_UDPLITE:
if (dump_udp_header(m, skb, ih->protocol,
ntohs(ih->frag_off) & IP_OFFSET,
iphoff+ih->ihl*4))
return;
+ break;
case IPPROTO_ICMP: {
struct icmphdr _icmph;
const struct icmphdr *ich;
@@ -723,10 +725,12 @@ static void dump_ipv6_packet(struct sbuff *m,
if (dump_tcp_header(m, skb, currenthdr, fragment, ptr,
logflags))
return;
+ break;
case IPPROTO_UDP:
case IPPROTO_UDPLITE:
if (dump_udp_header(m, skb, currenthdr, fragment, ptr))
return;
+ break;
case IPPROTO_ICMPV6: {
struct icmp6hdr _icmp6h;
const struct icmp6hdr *ic;
Attachment:
signature.asc
Description: OpenPGP digital signature