From owner-freebsd-pf@FreeBSD.ORG Tue May 7 11:09:01 2013 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id D3F7AA6F for ; Tue, 7 May 2013 11:09:01 +0000 (UTC) (envelope-from Caglar.Kilimci@logo.com.tr) Received: from logo.com.tr (ns2.logo.com.tr [212.252.63.100]) by mx1.freebsd.org (Postfix) with ESMTP id 285F7F7F for ; Tue, 7 May 2013 11:09:00 +0000 (UTC) Received: from Internal Mail-Server by Mail-SeCure (envelope-from Caglar.Kilimci@logo.com.tr) with AES128-SHA encrypted SMTP; 7 May 2013 14:02:16 +0300 Received: from mail.logo.com.tr ([::1]) by mail.logo.com.tr ([::1]) with mapi id 14.02.0342.003; Tue, 7 May 2013 14:02:17 +0300 From: Caglar Kilimci To: pf list Subject: Padding in pfloghdr Thread-Topic: Padding in pfloghdr Thread-Index: Ac5LEkMipVTBSOroQjCRsBNBnbxw0Q== Date: Tue, 7 May 2013 11:02:16 +0000 Message-ID: <200BCD16C92DAC439533916A735EE8E511C68D89@mail.logo.com.tr> Accept-Language: en-US, tr-TR Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [172.16.57.145] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 May 2013 11:09:01 -0000 Hello list, I want to insert an extra field, u_int32_t, into pfloghdr struc= t but I am not sure how to change padding.=20 160 Index: sys/net/if_pflog.h = =20 161 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =20 162 --- sys/net/if_pflog.h (revision 250171) = =20 163 +++ sys/net/if_pflog.h (working copy) = =20 164 @@ -45,6 +45,8 @@ = =20 165 uid_t rule_uid; = =20 166 pid_t rule_pid; = =20 167 u_int8_t dir; = =20 168 + //added for extra = =20 169 + u_int32_t index; = =20 170 u_int8_t pad[3]; = =20 171 };=20 If I increment hdrlen by 4 in tcpdump, everything seems fine but I guess th= is solution is not good. 1 Index: print-pflog.c = =20 2 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =20 3 --- print-pflog.c (revision 250174) = =20 4 +++ print-pflog.c (working copy) = =20 5 @@ -145,6 +145,7 @@ = =20 6 = =20 7 /* skip to the real packet */ = =20 8 af =3D hdr->af; = =20 9 + hdrlen+=3D4; = =20 10 length -=3D hdrlen; = =20 11 caplen -=3D hdrlen; = =20 12 p +=3D hdrlen; If I do not touch anything in tcpdump, it complains as "bad-len 0" error. I mean, what is padding number for pfloghdr struct?= "Bu mesaji yazdirmadan once cevreye olan sorumlulugumuzu bir kez daha dusunelim. / Please consider the environment before printing this e-mail." Bu elektronik posta ve ekinde yer alan tum dosyalar gonderici ve alici kisi ve kurumlara ozel olup gizli bilgi ihtiva edebilir. Dogru aliciya ulasmamasi halinde mesajin ekleri ile birlikte silinmesi ve yok edilmesi gerekmektedir. Mesaj, icerigi ve ekinde bulunan dusunce ve yorumlar Logo Yazilim Sanayi ve Ticaret A.S.'ye degil gondericiye aittir. This electronic mail and all files attached to it are private to the sender and recipient, and may contain confidential information. If it fails to reach the right recipient, the message should be deleted and destroyed along with its attachments. The message, its content and opinion and comments attached to it belong to the sender, not Logo Yazilim Sanayi ve Ticaret A.S.