Fix IPv6 identification for pflogs

edit

The pflog decoder does not recognize IPv6 packets generated by pflog on FreeBSD. Is there a way to force Wireshark to decode a packet as IPv6? It's not an option in the decoder.

Also, here's a patch to fix the problem in the source,

--- epan_dissectors_packet-pflog.c.orig       2018-01-27 23:03:34.236836600 -0800
+++ epan_dissectors_packet-pflog.c    2018-01-27 23:00:45.934629700 -0800
@@ -95,6 +95,8 @@
 static const value_string pflog_af_vals[] = {
   { BSD_AF_INET, "IPv4" },
   { BSD_AF_INET6_BSD, "IPv6" },
+  { BSD_AF_INET6_FREEBSD, "IPv6" },
+  { BSD_AF_INET6_DARWIN, "IPv6" },
   { 0, NULL }
 };

@@ -252,6 +254,8 @@
       break;

     case BSD_AF_INET6_BSD:
+    case BSD_AF_INET6_FREEBSD:
+    case BSD_AF_INET6_DARWIN:
       proto_tree_add_item(pflog_tree, hf_pflog_saddr_ipv6, tvb, offset, 16, ENC_NA);
       offset += 16;

@@ -294,6 +298,8 @@
     break;

   case BSD_AF_INET6_BSD:
+  case BSD_AF_INET6_FREEBSD:
+  case BSD_AF_INET6_DARWIN:
     call_dissector(ipv6_handle, next_tvb, pinfo, tree);
     break;

@@ -475,6 +481,8 @@
     break;

   case BSD_AF_INET6_BSD:
+  case BSD_AF_INET6_FREEBSD:
+  case BSD_AF_INET6_DARWIN:
     offset += call_dissector(ipv6_handle, next_tvb, pinfo, tree);
     break;