Account for IPV6 packet sizes in the capture.

1 files changed, 6 insertions, 7 deletions

diff --git a/module/bsnmp-jails.c b/module/bsnmp-jails.c
index fa14cf0..5e5e030 100644
--- a/module/bsnmp-jails.c
+++ b/module/bsnmp-jails.c
@@ -102,7 +102,7 @@ struct xprison_v2 {
  * DECLARATIONS
  */
 
-#define SNAP_LEN 48
+#define SNAP_LEN 64
 
 /* our module handle */
 static struct lmodule *module;
@@ -389,18 +389,14 @@ monitor_packet (u_char *data, const struct pcap_pkthdr *hdr, const u_char *bytes
 	/* IPv4 packet? */
 	if (type == 0x0800) {
 		minlen = (sizeof (struct ethhdr) + sizeof (struct ip4hdr));
-		if (hdr->len >= minlen) {
-			ASSERT (hdr->caplen >= minlen);
+		if (hdr->len >= minlen && hdr->caplen >= minlen)
 			calculate_ip4 ((const struct ip4hdr*)bytes, octets);
-		}
 
 	/* IPv6 packet? */
 	} else if (type == 0x86DD) {
 		minlen = (sizeof (struct ethhdr) + sizeof (struct ip6hdr));
-		if (hdr->len >= minlen) {
-			ASSERT (hdr->caplen >= minlen);
+		if (hdr->len >= minlen && hdr->caplen >= minlen)
 			calculate_ip6 ((const struct ip6hdr*)bytes, octets);
-		}
 	}
 }
 
@@ -453,6 +449,9 @@ monitor_create (const char *device)
 	TAILQ_INSERT_TAIL(&monitors, mon, link);
 	mon->device = strdup (device);
 
+	ASSERT (SNAP_LEN >= sizeof (struct ethhdr) + sizeof (struct ip4hdr));
+	ASSERT (SNAP_LEN >= sizeof (struct ethhdr) + sizeof (struct ip6hdr));
+
 	mon->handle = pcap_open_live (mon->device, SNAP_LEN, 1, 100, errbuf);
 	if (!mon->handle) {
 		emsg ("couldn't open monitor on %s: %s", mon->device, errbuf);