1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
|
Index: spamlogd.c
===================================================================
RCS file: /cvs/src/libexec/spamlogd/spamlogd.c,v
retrieving revision 1.26
diff -u -r1.26 spamlogd.c
--- spamlogd.c 11 Dec 2015 17:16:52 -0000 1.26
+++ spamlogd.c 31 Dec 2015 15:48:03 -0000
@@ -32,6 +32,7 @@
#include <netinet/in.h>
#include <netinet/ip.h>
+#include <netinet/ip6.h>
#include <arpa/inet.h>
#include <net/pfvar.h>
@@ -110,8 +111,9 @@
init_pcap(void)
{
struct bpf_program bpfp;
- char filter[PCAPFSIZ] = "ip and port 25 and action pass "
- "and tcp[13]&0x12=0x2";
+ char filter[PCAPFSIZ] = "tcp and port 25 and action pass "
+ "and ((ip and tcp[13] & 0x12 = 0x2) or "
+ "(ip6 and ip6[6] = 0x6 and ip6[53] & 0x12 = 0x2))";
if ((hpcap = pcap_open_live(pflogif, PCAPSNAP, 1, PCAPTIMO,
errbuf)) == NULL) {
@@ -155,6 +157,7 @@
u_int8_t hdrlen;
u_int32_t caplen = h->caplen;
const struct ip *ip = NULL;
+ const struct ip6_hdr *ip6 = NULL;
const struct pfloghdr *hdr;
char ipstraddr[40] = { '\0' };
@@ -185,6 +188,14 @@
else if (hdr->dir == PF_OUT && !flag_inbound)
inet_ntop(af, &ip->ip_dst, ipstraddr,
sizeof(ipstraddr));
+ } else if (af == AF_INET6) {
+ ip6 = (const struct ip6_hdr *)(sp + hdrlen);
+ if (hdr->dir == PF_IN)
+ inet_ntop(af, &ip6->ip6_src, ipstraddr,
+ sizeof(ipstraddr));
+ else if (hdr->dir == PF_OUT && !flag_inbound)
+ inet_ntop(af, &ip6->ip6_dst, ipstraddr,
+ sizeof(ipstraddr));
}
if (ipstraddr[0] != '\0') {
@@ -205,7 +216,12 @@
struct gdata gd;
time_t now;
int r;
- struct in_addr ia;
+ struct addrinfo hints, *res;
+ memset(&hints, 0, sizeof(hints));
+ hints.ai_family = PF_UNSPEC;
+ hints.ai_socktype = SOCK_DGRAM; /*dummy*/
+ hints.ai_protocol = IPPROTO_UDP; /*dummy*/
+ hints.ai_flags = AI_NUMERICHOST;
now = time(NULL);
memset(&hashinfo, 0, sizeof(hashinfo));
@@ -215,10 +231,12 @@
strerror(errno));
return (-1);
}
- if (inet_pton(AF_INET, ip, &ia) != 1) {
+ if (getaddrinfo(ip, NULL, &hints, &res) != 0) {
logmsg(LOG_NOTICE, "Invalid IP address %s", ip);
goto bad;
}
+ freeaddrinfo(res);
+
memset(&dbk, 0, sizeof(dbk));
dbk.size = strlen(ip);
dbk.data = ip;
|
