summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStef Walter <stef@memberwebs.com>2008-09-26 20:14:46 +0000
committerStef Walter <stef@memberwebs.com>2008-09-26 20:14:46 +0000
commite0efaf285c3d7daff0037d4fd446aa5dd55741f4 (patch)
treebea36b4131dc56ddd58b745508dcf772357ce78f
parent14ab3aad0b6fae38d2588cc59d2b8887c27f400b (diff)
Account for IPV6 packet sizes in the capture.
-rw-r--r--module/bsnmp-jails.c13
1 files changed, 6 insertions, 7 deletions
diff --git a/module/bsnmp-jails.c b/module/bsnmp-jails.c
index fa14cf0..5e5e030 100644
--- a/module/bsnmp-jails.c
+++ b/module/bsnmp-jails.c
@@ -102,7 +102,7 @@ struct xprison_v2 {
* DECLARATIONS
*/
-#define SNAP_LEN 48
+#define SNAP_LEN 64
/* our module handle */
static struct lmodule *module;
@@ -389,18 +389,14 @@ monitor_packet (u_char *data, const struct pcap_pkthdr *hdr, const u_char *bytes
/* IPv4 packet? */
if (type == 0x0800) {
minlen = (sizeof (struct ethhdr) + sizeof (struct ip4hdr));
- if (hdr->len >= minlen) {
- ASSERT (hdr->caplen >= minlen);
+ if (hdr->len >= minlen && hdr->caplen >= minlen)
calculate_ip4 ((const struct ip4hdr*)bytes, octets);
- }
/* IPv6 packet? */
} else if (type == 0x86DD) {
minlen = (sizeof (struct ethhdr) + sizeof (struct ip6hdr));
- if (hdr->len >= minlen) {
- ASSERT (hdr->caplen >= minlen);
+ if (hdr->len >= minlen && hdr->caplen >= minlen)
calculate_ip6 ((const struct ip6hdr*)bytes, octets);
- }
}
}
@@ -453,6 +449,9 @@ monitor_create (const char *device)
TAILQ_INSERT_TAIL(&monitors, mon, link);
mon->device = strdup (device);
+ ASSERT (SNAP_LEN >= sizeof (struct ethhdr) + sizeof (struct ip4hdr));
+ ASSERT (SNAP_LEN >= sizeof (struct ethhdr) + sizeof (struct ip6hdr));
+
mon->handle = pcap_open_live (mon->device, SNAP_LEN, 1, 100, errbuf);
if (!mon->handle) {
emsg ("couldn't open monitor on %s: %s", mon->device, errbuf);