author | Hans-Joerg Hoexer <hshoexer@cvs.openbsd.org> | 2005-07-07 21:13:01 +0000 |
---|---|---|
committer | Hans-Joerg Hoexer <hshoexer@cvs.openbsd.org> | 2005-07-07 21:13:01 +0000 |
commit | c72f30b2467e073602a1ee4109d550af0cadecc0 (patch) | |
tree | be9f1caf8936f90f4ba07f2297652f41b2ce17ea /sbin/ipsecctl | |
parent | 8a5114c9f5c0e7096e76478d33bdac4c2cdc8454 (diff) |
Do not mix rule types with flow types
Diffstat (limited to 'sbin/ipsecctl')
-rw-r--r-- | sbin/ipsecctl/ipsecctl.c | 3 | ||||
-rw-r--r-- | sbin/ipsecctl/ipsecctl.h | 6 | ||||
-rw-r--r-- | sbin/ipsecctl/pfkey.c | 16 |
3 files changed, 14 insertions, 11 deletions
diff --git a/sbin/ipsecctl/ipsecctl.c b/sbin/ipsecctl/ipsecctl.c index 5f42601b3a2..b1a562e7aed 100644 --- a/sbin/ipsecctl/ipsecctl.c +++ b/sbin/ipsecctl/ipsecctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ipsecctl.c,v 1.14 2005/07/07 21:00:07 hshoexer Exp $ */ +/* $OpenBSD: ipsecctl.c,v 1.15 2005/07/07 21:13:00 hshoexer Exp $ */ /* * Copyright (c) 2004, 2005 Hans-Joerg Hoexer <hshoexer@openbsd.org> * @@ -266,6 +266,7 @@ ipsecctl_get_rules(struct ipsecctl *ipsec) if (rule == NULL) err(1, "malloc"); rule->nr = ipsec->rule_nr++; + rule->type = RULE_FLOW; if (pfkey_parse(msg, rule)) errx(1, "failed to parse pfkey message"); diff --git a/sbin/ipsecctl/ipsecctl.h b/sbin/ipsecctl/ipsecctl.h index f84075125ad..b70d72add69 100644 --- a/sbin/ipsecctl/ipsecctl.h +++ b/sbin/ipsecctl/ipsecctl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ipsecctl.h,v 1.8 2005/07/07 21:00:08 hshoexer Exp $ */ +/* $OpenBSD: ipsecctl.h,v 1.9 2005/07/07 21:13:00 hshoexer Exp $ */ /* * Copyright (c) 2004, 2005 Hans-Joerg Hoexer <hshoexer@openbsd.org> * @@ -67,6 +67,8 @@ struct ipsec_auth { /* Complete state of one rule. */ struct ipsec_rule { + u_int8_t type; + struct ipsec_addr *src; struct ipsec_addr *dst; struct ipsec_addr *peer; @@ -74,7 +76,7 @@ struct ipsec_rule { u_int8_t proto; u_int8_t direction; - u_int8_t type; + u_int8_t flowtype; u_int32_t nr; TAILQ_ENTRY(ipsec_rule) entries; diff --git a/sbin/ipsecctl/pfkey.c b/sbin/ipsecctl/pfkey.c index ce6d2341797..2d61022eccb 100644 --- a/sbin/ipsecctl/pfkey.c +++ b/sbin/ipsecctl/pfkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfkey.c,v 1.11 2005/07/07 20:58:28 hshoexer Exp $ */ +/* $OpenBSD: pfkey.c,v 1.12 2005/07/07 21:13:00 hshoexer Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> * Copyright (c) 2003, 2004 Markus Friedl <markus@openbsd.org> 
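Review bot: In the ipsecctl.h hunk at line 67, the name `type` is reused for the new rule-kind field of `struct ipsec_rule` while its old meaning moves to `flowtype`. Both fields are `u_int8_t`, so any reader or writer of `rule->type` that this commit does not touch still compiles and would silently hold or compare the wrong kind of constant. The visible hunks update only ipsecctl_get_rules() and pfkey_parse(), so it is worth confirming that the parser and the code that prints or installs flows now use `flowtype` for the TYPE_* values. A misread flow type in an IPsec policy tool changes which traffic is protected, denied or bypassed. I would also document the two fields in the struct, e.g. `u_int8_t type; /* kind of rule, e.g. RULE_FLOW */` and `u_int8_t flowtype; /* flow action, TYPE_* */`; the struct body continues past the end of the hunk.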
@@ -442,25 +442,25 @@ pfkey_parse(struct sadb_msg *msg, struct ipsec_rule *rule)
 }
 switch (sproto->sadb_protocol_proto) {
 case SADB_X_FLOW_TYPE_USE:
- rule->type = TYPE_USE;
+ rule->flowtype = TYPE_USE;
 break;
 case SADB_X_FLOW_TYPE_ACQUIRE:
- rule->type = TYPE_ACQUIRE;
+ rule->flowtype = TYPE_ACQUIRE;
 break;
 case SADB_X_FLOW_TYPE_REQUIRE:
- rule->type = TYPE_REQUIRE;
+ rule->flowtype = TYPE_REQUIRE;
 break;
 case SADB_X_FLOW_TYPE_DENY:
- rule->type = TYPE_DENY;
+ rule->flowtype = TYPE_DENY;
 break;
 case SADB_X_FLOW_TYPE_BYPASS:
- rule->type = TYPE_BYPASS;
+ rule->flowtype = TYPE_BYPASS;
 break;
 case SADB_X_FLOW_TYPE_DONTACQ:
- rule->type = TYPE_DONTACQ;
+ rule->flowtype = TYPE_DONTACQ;
 break;
 default:
- rule->type = TYPE_UNKNOWN;
+ rule->flowtype = TYPE_UNKNOWN;
 break;
 }
 break; |