diff options
| author | Ryan Thomas McBride <mcbride@cvs.openbsd.org> | 2003-11-08 00:45:35 +0000 |
|---|---|---|
| committer | Ryan Thomas McBride <mcbride@cvs.openbsd.org> | 2003-11-08 00:45:35 +0000 |
| commit | ad889ed4b346cf23a293ccca7173155cb2c7b96b (patch) | |
| tree | 4af13e1664679a08b0035b108a4deeec5a7f20c6 /sbin/pfctl/pfctl_parser.c | |
| parent | f79d6110d197c3e4858e283591f7031205d91a53 (diff) | |
Add 'no-sync' state option to prevent state transition messages for states
created by this rule from appearing on the pfsync(4) interface. e.g.
pass in proto tcp to self flags S/SA keep state (no-sync)
ok cedric@ henning@ dhartmei@
Diffstat (limited to 'sbin/pfctl/pfctl_parser.c')
| -rw-r--r-- | sbin/pfctl/pfctl_parser.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/sbin/pfctl/pfctl_parser.c b/sbin/pfctl/pfctl_parser.c index ae4aec5a168..18adf05bfa8 100644 --- a/sbin/pfctl/pfctl_parser.c +++ b/sbin/pfctl/pfctl_parser.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfctl_parser.c,v 1.179 2003/11/06 15:18:12 henning Exp $ */ +/* $OpenBSD: pfctl_parser.c,v 1.180 2003/11/08 00:45:34 mcbride Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -704,6 +704,8 @@ print_rule(struct pf_rule *r, int verbose) opts = 0; if (r->max_states) opts = 1; + if (r->rule_flag & PFRULE_NOSYNC) + opts = 1; for (i = 0; !opts && i < PFTM_MAX; ++i) if (r->timeout[i]) opts = 1; @@ -713,6 +715,12 @@ print_rule(struct pf_rule *r, int verbose) printf("max %u", r->max_states); opts = 0; } + if (r->rule_flag & PFRULE_NOSYNC) { + if (!opts) + printf(", "); + printf("no-sync"); + opts = 0; + } for (i = 0; i < PFTM_MAX; ++i) if (r->timeout[i]) { if (!opts) |