summaryrefslogtreecommitdiff
path: root/sbin/pfctl/parse.y
diff options
context:
space:
mode:
authorCedric Berger <cedric@cvs.openbsd.org>2003-02-05 16:05:55 +0000
committerCedric Berger <cedric@cvs.openbsd.org>2003-02-05 16:05:55 +0000
commit145c5094e2174a8eb8f359d178ff9f9cd400824d (patch)
treec97ca81afe7ecf3b773b66842289ff28f43063c7 /sbin/pfctl/parse.y
parentc1d6b4b65226dd0d71b6c9c40340898718edc342 (diff)
Fix "pass out dup-to (tun0 1.1.1.1) inet6 all" error message
Allow "pass out dup-to tun0 all" ok mcbride@ henning@
Diffstat (limited to 'sbin/pfctl/parse.y')
-rw-r--r--sbin/pfctl/parse.y25
1 files changed, 18 insertions, 7 deletions
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y
index 3f6d9a710a7..b37742ce037 100644
--- a/sbin/pfctl/parse.y
+++ b/sbin/pfctl/parse.y
@@ -1,4 +1,4 @@
-/* $OpenBSD: parse.y,v 1.307 2003/02/05 00:46:57 mcbride Exp $ */
+/* $OpenBSD: parse.y,v 1.308 2003/02/05 16:05:54 cedric Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
@@ -267,6 +267,7 @@ char *symget(const char *);
void decide_address_family(struct node_host *, sa_family_t *);
void remove_invalid_hosts(struct node_host **, sa_family_t *);
+int invalid_redirect(struct node_host *, sa_family_t);
u_int16_t parseicmpspec(char *, sa_family_t);
typedef struct {
@@ -1168,7 +1169,8 @@ pfrule : action dir logquick interface route af proto fromto
decide_address_family($5.host, &r.af);
remove_invalid_hosts(&$5.host, &r.af);
if ($5.host == NULL) {
- yyerror("$5.host == NULL");
+ yyerror("no routing address with matching address family "
+ "found.");
YYERROR;
}
if ($5.host->next != NULL) {
@@ -2256,7 +2258,7 @@ natrule : no NAT interface af proto fromto redirpool pooltype staticport
nat.af = $7->host->af;
remove_invalid_hosts(&$7->host, &nat.af);
- if ($7->host == NULL)
+ if (invalid_redirect($7->host, nat.af))
YYERROR;
nat.rpool.proxy_port[0] = ntohs($7->rport.a);
nat.rpool.proxy_port[1] = ntohs($7->rport.b);
@@ -2414,7 +2416,7 @@ binatrule : no BINAT interface af proto FROM host TO ipspec redirection
}
remove_invalid_hosts(&$10->host, &binat.af);
- if ($10->host == NULL)
+ if (invalid_redirect($10->host, binat.af))
YYERROR;
if ($10->host->next != NULL) {
yyerror("binat rule must redirect to "
@@ -2513,7 +2515,7 @@ rdrrule : no RDR interface af proto FROM ipspec TO ipspec dport
rdr.af = $11->host->af;
remove_invalid_hosts(&$11->host, &rdr.af);
- if ($11->host == NULL)
+ if (invalid_redirect($11->host, rdr.af))
YYERROR;
rdr.rpool.proxy_port[0] = $11->rport.a;
if ($11->rport.t && $10.b) {
@@ -4007,13 +4009,22 @@ remove_invalid_hosts(struct node_host **nh, sa_family_t *af)
n = n->next;
}
}
+}
- if (!*af)
+int
+invalid_redirect(struct node_host *nh, sa_family_t af)
+{
+ if (!af) {
yyerror("address family not given and translation "
"address expands to multiple address families");
- else if (*nh == NULL)
+ return (1);
+ }
+ if (nh == NULL) {
yyerror("no translation address with matching address family "
"found.");
+ return (1);
+ }
+ return (0);
}
int