diff options
author | Mike Frantzen <frantzen@cvs.openbsd.org> | 2002-06-18 20:07:59 +0000 |
---|---|---|
committer | Mike Frantzen <frantzen@cvs.openbsd.org> | 2002-06-18 20:07:59 +0000 |
commit | e25e9dbe617dbfb9e54080cf5d65ecc259ccc47c (patch) | |
tree | 7bfbbf1a3cbf263f26b15803be19c46b4a4c6e44 | |
parent | 010c7f46b58d5c5e4995cef428d49cebc2117d75 (diff) |
don't allow individual keep state rules to specify timeouts for 'interval' and
'frag' -- they aren't applied anyway
ok dhartmei@ and henning@
-rw-r--r-- | sbin/pfctl/parse.y | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y index 6697c7ff989..ca323aeda81 100644 --- a/sbin/pfctl/parse.y +++ b/sbin/pfctl/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.101 2002/06/16 23:22:18 aaron Exp $ */ +/* $OpenBSD: parse.y,v 1.102 2002/06/18 20:07:58 frantzen Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -1104,6 +1104,10 @@ state_opt_item : MAXIMUM NUMBER { yyerror("illegal timeout name %s", $1); YYERROR; } + if (strchr(pf_timeouts[i].name, '.') == NULL) { + yyerror("illegal state timeout %s", $1); + YYERROR; + } if ($2 < 0) { yyerror("illegal timeout value %d", $2); YYERROR; |