mirror of
https://git.FreeBSD.org/src.git
synced 2024-10-19 02:29:40 +00:00
Finish the r244185. This fixes ever growing counter of pfsync bad
length packets, which was actually harmless. Note that peers with different version of head/ may grow this counter, but it is harmless - all pfsync data is processed. Reported & tested by: Anton Yuzhaninov <citrin citrin.ru> Sponsored by: Nginx, Inc
This commit is contained in:
parent
dc9b4fcacb
commit
e2a55a0021
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=246822
@ -67,8 +67,6 @@
|
||||
#define PFSYNC_ACT_EOF 12 /* end of frame */
|
||||
#define PFSYNC_ACT_MAX 13
|
||||
|
||||
#define PFSYNC_HMAC_LEN 20
|
||||
|
||||
/*
|
||||
* A pfsync frame is built from a header followed by several sections which
|
||||
* are all prefixed with their own subheaders. Frames must be terminated with
|
||||
@ -205,18 +203,8 @@ struct pfsync_tdb {
|
||||
u_int8_t _pad[2];
|
||||
} __packed;
|
||||
|
||||
/*
|
||||
* EOF
|
||||
*/
|
||||
|
||||
struct pfsync_eof {
|
||||
u_int8_t hmac[PFSYNC_HMAC_LEN];
|
||||
} __packed;
|
||||
|
||||
#define PFSYNC_HDRLEN sizeof(struct pfsync_header)
|
||||
|
||||
|
||||
|
||||
/*
|
||||
* Names for PFSYNC sysctl objects
|
||||
*/
|
||||
|
@ -99,8 +99,7 @@ __FBSDID("$FreeBSD$");
|
||||
#define PFSYNC_MINPKT ( \
|
||||
sizeof(struct ip) + \
|
||||
sizeof(struct pfsync_header) + \
|
||||
sizeof(struct pfsync_subheader) + \
|
||||
sizeof(struct pfsync_eof))
|
||||
sizeof(struct pfsync_subheader) )
|
||||
|
||||
struct pfsync_pkt {
|
||||
struct ip *ip;
|
||||
|
Loading…
Reference in New Issue
Block a user