diff options
| author | Markus Friedl <markus@cvs.openbsd.org> | 2007-01-10 14:37:10 +0000 |
|---|---|---|
| committer | Markus Friedl <markus@cvs.openbsd.org> | 2007-01-10 14:37:10 +0000 |
| commit | e6841f532133b218ad7ad265d692f783dec735a9 (patch) | |
| tree | 9fc5f0a7b9282d8a70f3d3c4da008d8fb6a3d966 /sbin/ipsecctl | |
| parent | 8618a178b2ca0762b60ff88594064174745db9a3 (diff) | |
allow rule if there is at least _one_ matching address family combination.
this allows 'flow from lo0 to 127.0.0.1' if lo0 has an ipv6 address.
ok itojun@, hshoexer@
Diffstat (limited to 'sbin/ipsecctl')
| -rw-r--r-- | sbin/ipsecctl/parse.y | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sbin/ipsecctl/parse.y b/sbin/ipsecctl/parse.y index 61f3232f1e8..f63f0d90a63 100644 --- a/sbin/ipsecctl/parse.y +++ b/sbin/ipsecctl/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.116 2007/01/04 21:31:21 markus Exp $ */ +/* $OpenBSD: parse.y,v 1.117 2007/01/10 14:37:09 markus Exp $ */ /* * Copyright (c) 2002, 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -1916,7 +1916,7 @@ validate_af(struct ipsec_addr_wrap *src, struct ipsec_addr_wrap *dst) if (dst_v4 && dst_v6) break; } - if (src_v4 != dst_v4 || src_v6 != dst_v6) + if (src_v4 != dst_v4 && src_v6 != dst_v6) return (1); return (0); |