Revision tags: OPENBSD_6_2_BASE
|
#
1.7 |
|
09-Sep-2017 |
brynet |
Rework pflogd(8)'s fork+exec model; re-exec the unpriv child, not the privileged parent.
Based on feedback from deraadt@ and bluhm@ (worked on syslogd).
ok deraadt@
|
#
1.6 |
|
05-Sep-2017 |
brynet |
fork+exec model for pflogd(8); move pcap init to the re-exec'd privsep parent and use 'legit' fdpassing primitives to send the bpf fd to the unprivileged child process.
Also reduces the pledge(2) promises in the unpriv child to just "stdio recvfd"
with help from deraadt, pcap feedback from canacar
ok deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.5 |
|
10-Oct-2015 |
deraadt |
pflogd contained the same "privsep error" as tcpdump -- assuming that it can ioctl()'s against a bpf device node. Privsep that operation via a message to the parent process. Unfortunately "rpath wpath cpath" is still needed due to SIGHUP handling, but I have asked canacar the expert to look into this.
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.4 |
|
21-Sep-2010 |
henning |
bump default snaplen so that pfloghdr + ip hdr + prot hdr usually fit
|
Revision tags: OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.3 |
|
15-Jan-2006 |
canacar |
If the log file is invalid/incompatible, try to rename the bad log file and continue with a new name instead of suspending. ok mcbride@
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.2 |
|
15-Jan-2004 |
canacar |
Try to preserve the integrity of the log file in case of errors/unexpected shutdowns etc. Also check logfile integrity on startup and suspend logging if an inconsistency is detected. ok dhartmei@
|
#
1.1 |
|
22-Oct-2003 |
canacar |
privilege seperated pflogd
_pflogd user and group must be created for proper operation.
ok frantzen@ henning@ mcbride@ deraadt@
|