diff --git a/src/drv/wipfbuf.c b/src/drv/wipfbuf.c
index d86ea7f6..de75a329 100644
--- a/src/drv/wipfbuf.c
+++ b/src/drv/wipfbuf.c
@@ -1,6 +1,6 @@
 /* Windows IP Filter Log Buffer */
 
-#define WIPF_BUFFER_SIZE	4 * 1024
+#define WIPF_BUFFER_SIZE	2 * 1024
 #define WIPF_BUFFER_SIZE_MAX	32 * 1024
 
 #include "../wipflog.c"
@@ -36,12 +36,16 @@ wipf_buffer_write (PWIPF_BUFFER buf, UINT32 remote_ip, UINT64 pid,
                    UINT32 path_len, const PVOID path,
                    PIRP *irp, NTSTATUS *irp_status, ULONG_PTR *info)
 {
-  const UINT32 len = sizeof(UINT32) + sizeof(UINT64)
-      + sizeof(UINT32) + path_len;
+  UINT32 len = WIPF_LOG_SIZE(path_len);
   UINT32 size;
   KIRQL irq;
   NTSTATUS status = STATUS_SUCCESS;
 
+  if (len > WIPF_BUFFER_SIZE) {
+    path_len = 0;  /* drop too long path */
+    len = WIPF_LOG_SIZE(0);
+  }
+
   KeAcquireSpinLock(&buf->lock, &irq);
 
   /* Try to directly write to pending client */
@@ -64,10 +68,6 @@ wipf_buffer_write (PWIPF_BUFFER buf, UINT32 remote_ip, UINT64 pid,
 
   size = buf->size;
 
-  if (len > WIPF_BUFFER_SIZE) {
-    status = STATUS_INVALID_PARAMETER;
-    goto end;  /* drop too long path */
-  }
   if (len > size - buf->top) {
     size *= 2;
   }
diff --git a/src/wipflog.c b/src/wipflog.c
index cb36fc16..a1132415 100644
--- a/src/wipflog.c
+++ b/src/wipflog.c
@@ -1,5 +1,9 @@
 /* Windows IP Filter Log */
 
+#define WIPF_LOG_SIZE(path_len) \
+  (sizeof(UINT32) + sizeof(UINT64) + sizeof(UINT32) + (path_len))
+
+
 static void
 wipf_log_write (char *p, UINT32 remote_ip, UINT64 pid,
                 UINT32 path_len, const char *path)