summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Hartmeier <dhartmei@cvs.openbsd.org>2007-02-03 23:26:41 +0000
committerDaniel Hartmeier <dhartmei@cvs.openbsd.org>2007-02-03 23:26:41 +0000
commit4483f3cbf5e2083ba7db2b9ae8e3e09a11326b53 (patch)
tree366e9e9d690067fce849ce58f39df45e83e8a5c7
parent2303d1c060738889a43617a5592a8fd05b8aba1d (diff)
in decide_address_family(), only limit a rule to a specific address family
when ALL entries have this specific AF (when even just one entry has no specific AF, use any). found by Maurice Janssen, ok henning@
-rw-r--r--sbin/pfctl/parse.y20
1 files changed, 8 insertions, 12 deletions
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y
index 5d1daccf9c6..ef5d77b6ec4 100644
--- a/sbin/pfctl/parse.y
+++ b/sbin/pfctl/parse.y
@@ -1,4 +1,4 @@
-/* $OpenBSD: parse.y,v 1.516 2006/11/07 01:12:01 mcbride Exp $ */
+/* $OpenBSD: parse.y,v 1.517 2007/02/03 23:26:40 dhartmei Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
@@ -5323,19 +5323,15 @@ mv_rules(struct pf_ruleset *src, struct pf_ruleset *dst)
void
decide_address_family(struct node_host *n, sa_family_t *af)
{
- sa_family_t target_af = 0;
-
- while (!*af && n != NULL) {
- if (n->af) {
- if (target_af == 0)
- target_af = n->af;
- if (target_af != n->af)
- return;
+ if (*af != 0 || n == NULL)
+ return;
+ *af = n->af;
+ while ((n = n->next) != NULL) {
+ if (n->af != *af) {
+ *af = 0;
+ return;
}
- n = n->next;
}
- if (!*af && target_af)
- *af = target_af;
}
void