270090 – security/snort: Add support for FreeBSD 13.1 pflog header format

Bug 270090 - security/snort: Add support for FreeBSD 13.1 pflog header format

Summary: security/snort: Add support for FreeBSD 13.1 pflog header format

Status:	New

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Many People
Assignee:	Dan Langille

URL:
Keywords:

Depends on:
Blocks:

Reported:	2023-03-10 16:16 UTC by ldd
Modified:	2024-03-14 12:16 UTC (History)
CC List:	0 users

See Also:

Flags:	bugzilla: maintainer-feedback? (dvl)

Attachments
patch for FreeBSD 13.1 pflog header format (2.57 KB, patch) 2023-03-10 16:16 UTC, ldd	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description ldd 2023-03-10 16:16:11 UTC

Created attachment 240725 [details]
patch for FreeBSD 13.1 pflog header format

The FreeBSD and OpenBSD pflog header formats have diverged, and the latest changes to FreeBSD's header to support the "ridentifier" field (here: https://reviews.freebsd.org/D32750) are no longer supported by snort.  The attached patch adds support for the new header size.


Note: the same issue exists in Snort3, and a corresponding PR was submitted with a similar fix here: https://github.com/snort3/snort3_extra/pull/10

Comment 1 Dan Langille freebsd_committer

2024-03-14 12:16:19 UTC

Did this get included in a recent release?