diff options
-rw-r--r-- | module/bsnmp-jails.c | 13 |
1 files changed, 6 insertions, 7 deletions
diff --git a/module/bsnmp-jails.c b/module/bsnmp-jails.c index fa14cf0..5e5e030 100644 --- a/module/bsnmp-jails.c +++ b/module/bsnmp-jails.c @@ -102,7 +102,7 @@ struct xprison_v2 { * DECLARATIONS */ -#define SNAP_LEN 48 +#define SNAP_LEN 64 /* our module handle */ static struct lmodule *module; @@ -389,18 +389,14 @@ monitor_packet (u_char *data, const struct pcap_pkthdr *hdr, const u_char *bytes /* IPv4 packet? */ if (type == 0x0800) { minlen = (sizeof (struct ethhdr) + sizeof (struct ip4hdr)); - if (hdr->len >= minlen) { - ASSERT (hdr->caplen >= minlen); + if (hdr->len >= minlen && hdr->caplen >= minlen) calculate_ip4 ((const struct ip4hdr*)bytes, octets); - } /* IPv6 packet? */ } else if (type == 0x86DD) { minlen = (sizeof (struct ethhdr) + sizeof (struct ip6hdr)); - if (hdr->len >= minlen) { - ASSERT (hdr->caplen >= minlen); + if (hdr->len >= minlen && hdr->caplen >= minlen) calculate_ip6 ((const struct ip6hdr*)bytes, octets); - } } } @@ -453,6 +449,9 @@ monitor_create (const char *device) TAILQ_INSERT_TAIL(&monitors, mon, link); mon->device = strdup (device); + ASSERT (SNAP_LEN >= sizeof (struct ethhdr) + sizeof (struct ip4hdr)); + ASSERT (SNAP_LEN >= sizeof (struct ethhdr) + sizeof (struct ip6hdr)); + mon->handle = pcap_open_live (mon->device, SNAP_LEN, 1, 100, errbuf); if (!mon->handle) { emsg ("couldn't open monitor on %s: %s", mon->device, errbuf); |