diff options
author | Ryan Thomas McBride <mcbride@cvs.openbsd.org> | 2006-10-06 17:04:54 +0000 |
---|---|---|
committer | Ryan Thomas McBride <mcbride@cvs.openbsd.org> | 2006-10-06 17:04:54 +0000 |
commit | ef822adaa3e227a2f075dc23611416bc535f6535 (patch) | |
tree | d95195ac7075fa78a0f68e67f48d50f9fcdfd312 | |
parent | d9f56441b8f1580e20f450d7ede663e5060e5488 (diff) |
Print 'flags any' correctly and handle anchors.
-rw-r--r-- | sbin/pfctl/pfctl_parser.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/sbin/pfctl/pfctl_parser.c b/sbin/pfctl/pfctl_parser.c index 7e8d4e2844a..a6eb255858c 100644 --- a/sbin/pfctl/pfctl_parser.c +++ b/sbin/pfctl/pfctl_parser.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfctl_parser.c,v 1.229 2006/10/06 16:42:03 mcbride Exp $ */ +/* $OpenBSD: pfctl_parser.c,v 1.230 2006/10/06 17:04:53 mcbride Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -793,7 +793,11 @@ print_rule(struct pf_rule *r, const char *anchor_call, int verbose) print_flags(r->flags); printf("/"); print_flags(r->flagset); - } + } else if (r->action == PF_PASS && + (!r->proto || r->proto == IPPROTO_TCP) && + !(r->rule_flag & PFRULE_FRAGMENT) && + !anchor_call[0]) + printf(" flags any"); if (r->type) { const struct icmptypeent *it; @@ -818,7 +822,7 @@ print_rule(struct pf_rule *r, const char *anchor_call, int verbose) } if (r->tos) printf(" tos 0x%2.2x", r->tos); - if (!r->keep_state && r->action == PF_PASS) + if (!r->keep_state && r->action == PF_PASS && !anchor_call[0]) printf(" no state"); else if (r->keep_state == PF_STATE_NORMAL) printf(" keep state"); |