diff options
author | jim-p <jimp@pfsense.org> | 2013-01-25 16:40:52 -0500 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2013-01-25 16:41:48 -0500 |
commit | fb6079dbaf63aa994d8039788d60dac48eb99986 (patch) | |
tree | 1f7d6b3c8d956ecb558208e149002b47f1062073 /etc/inc/filter_log.inc | |
parent | f3bddb472f7f13990312ef6a59d3a064d064eb92 (diff) | |
download | pfsense-fb6079dbaf63aa994d8039788d60dac48eb99986.zip pfsense-fb6079dbaf63aa994d8039788d60dac48eb99986.tar.gz |
Try a little harder to find the protocol rather than giving up. Fixes #2751
Diffstat (limited to 'etc/inc/filter_log.inc')
-rw-r--r-- | etc/inc/filter_log.inc | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/etc/inc/filter_log.inc b/etc/inc/filter_log.inc index d989fa1..974dcdf 100644 --- a/etc/inc/filter_log.inc +++ b/etc/inc/filter_log.inc @@ -170,7 +170,17 @@ function parse_filter_line($line) { $flags = preg_split('/[, ]/', $leftovers); $flent['tcpflags'] = str_replace(".", "A", substr($flags[1], 1, -1)); } elseif ($flent['proto'] == "Options") { - $flent['proto'] = "none"; + /* Then there must be some info we missed */ + if (!(strpos($leftovers, 'sum ok] ') === FALSE)) { + preg_match("/.*\ssum ok]\s(.*)\,\s.*/", $leftovers, $proto); + } elseif (!(strpos($line, 'sum ok] ') === FALSE)) { + preg_match("/.*\ssum ok]\s(.*)\,\s.*/", $line, $proto); + } + $proto = explode(" ", trim($proto[1])); + $flent['proto'] = rtrim($proto[0], ","); + /* If it's still 'Options', then just ignore it. */ + if ($flent['proto'] == "Options") + $flent['proto'] = "none"; } /* If there is a src, a dst, and a time, then the line should be usable/good */ |