diff options
| author | Claudio Jeker <claudio@cvs.openbsd.org> | 2011-04-06 13:19:56 +0000 |
|---|---|---|
| committer | Claudio Jeker <claudio@cvs.openbsd.org> | 2011-04-06 13:19:56 +0000 |
| commit | f9f04df92b8065d144e484973f346e4981c22a9a (patch) | |
| tree | 7bba0ff92a80bd70c4acf6843f000ffbfd0a7a2b /sbin/pfctl/pfctl_parser.c | |
| parent | 91627ea8959bf9fbfc90c2468768eecbaff96ded (diff) | |
Userland bits to allow PF to filter on the rdomain a packet belongs to.
This allows to write rules like "pass in on rdomain 1".
Tested by phessler@, OK henning@
Diffstat (limited to 'sbin/pfctl/pfctl_parser.c')
| -rw-r--r-- | sbin/pfctl/pfctl_parser.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/sbin/pfctl/pfctl_parser.c b/sbin/pfctl/pfctl_parser.c index f6ab2c68312..f6c5c7f16eb 100644 --- a/sbin/pfctl/pfctl_parser.c +++ b/sbin/pfctl/pfctl_parser.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfctl_parser.c,v 1.274 2011/04/05 13:48:18 mikeb Exp $ */ +/* $OpenBSD: pfctl_parser.c,v 1.275 2011/04/06 13:19:55 claudio Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -771,6 +771,12 @@ print_rule(struct pf_rule *r, const char *anchor_call, int verbose) else printf(" on %s", r->ifname); } + if (r->onrdomain >= 0) { + if (r->ifnot) + printf(" on ! rdomain %i", r->onrdomain); + else + printf(" on rdomain %i", r->onrdomain); + } if (r->af) { if (r->af == AF_INET) printf(" inet"); |