author | Henning Brauer <henning@cvs.openbsd.org> | 2015-02-10 06:45:56 +0000 |
---|---|---|
committer | Henning Brauer <henning@cvs.openbsd.org> | 2015-02-10 06:45:56 +0000 |
commit | a589dc5a7f5e9f672419d53357dc098e1868a60b (patch) | |
tree | 3c7f0893999a9b0ad99289401c1b05d76a4f2f89 /sbin/pfctl | |
parent | 30d20b716e66b1f85838cb182cf559a5dbb74f8d (diff) |
since we inherit prio (as in, the queuing priority) from outside sources,
i. e. on vlan interfaces, it is useful to be able to match on it -
effectively matching on classification done elsewhere.
i thought i had long implemented that, but chrisz@ asking for it made
me notice that wasn't the case.
tests by chrisz, ok phessler pelikan
Diffstat (limited to 'sbin/pfctl')
-rw-r--r-- | sbin/pfctl/parse.y | 24 | ||||
-rw-r--r-- | sbin/pfctl/pfctl_parser.c | 4 |
2 files changed, 26 insertions, 2 deletions
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y index bf2dbbce540..5901e7255e4 100644 --- a/sbin/pfctl/parse.y +++ b/sbin/pfctl/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.644 2015/01/16 06:40:00 deraadt Exp $ */ +/* $OpenBSD: parse.y,v 1.645 2015/02/10 06:45:55 henning Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -230,6 +230,7 @@ struct filter_opts { #define FOM_SCRUB_TCP 0x0200 #define FOM_SETPRIO 0x0400 #define FOM_ONCE 0x1000 +#define FOM_PRIO 0x2000 struct node_uid *uid; struct node_gid *gid; struct node_if *rcv; @@ -254,6 +255,7 @@ struct filter_opts { char *match_tag; u_int8_t match_tag_not; u_int rtableid; + u_int8_t prio; u_int8_t set_prio[2]; struct { struct node_host *addr; @@ -881,6 +883,10 @@ anchorrule : ANCHOR anchorname dir quick interface af proto fromto YYERROR; } r.match_tag_not = $9.match_tag_not; + if ($9.marker & FOM_PRIO) + r.prio = $9.prio; + else + r.prio = 0xff; if ($9.marker & FOM_SETPRIO) { r.set_prio[0] = $9.set_prio[0]; r.set_prio[1] = $9.set_prio[1]; @@ -1484,6 +1490,10 @@ pfrule : action dir logquick interface af proto fromto } if ($8.marker & FOM_SCRUB_TCP) r.scrub_flags |= PFSTATE_SCRUB_TCP; + if ($8.marker & FOM_PRIO) + r.prio = $8.prio; + else + r.prio = 0xff; if ($8.marker & FOM_SETPRIO) { r.set_prio[0] = $8.set_prio[0]; r.set_prio[1] = $8.set_prio[1]; @@ -1914,6 +1924,18 @@ filter_opt : USER uids { filter_opts.marker |= FOM_ICMP; filter_opts.icmpspec = $1; } + | PRIO NUMBER { + if (filter_opts.marker & FOM_PRIO) { + yyerror("prio cannot be redefined"); + YYERROR; + } + if ($2 < 0 || $2 > IFQ_MAXPRIO) { + yyerror("prio must be 0 - %u", IFQ_MAXPRIO); + YYERROR; + } + filter_opts.marker |= FOM_PRIO; + filter_opts.prio = $2; + } | TOS tos { if (filter_opts.marker & FOM_TOS) { yyerror("tos cannot be redefined"); diff --git a/sbin/pfctl/pfctl_parser.c b/sbin/pfctl/pfctl_parser.c index fdf631936b3..0a5b96088b3 100644 --- a/sbin/pfctl/pfctl_parser.c +++ b/sbin/pfctl/pfctl_parser.c 
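Review bot: The new `u_int8_t prio;` member of struct filter_opts sits directly above `set_prio[2]` with no comment, and the two are easy to confuse: one is a match criterion, the other an action applied to the packet. I would annotate the new line as `u_int8_t prio; /* match on packet prio; valid only when FOM_PRIO is set */`. The struct body starts and ends outside this hunk.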
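Review bot: The "no prio match" state is encoded as the bare literal `0xff`, assigned in the `else` branch of this anchorrule hunk, again in the pfrule hunk, and tested in print_rule in pfctl_parser.c, so a zero-initialised rule no longer means "unset". Any pf_rule built without passing through these two branches would carry prio 0 and, assuming the consumer treats only 0xff as "any", would match priority-0 packets only; for a packet filter that means a rule silently not applying to the traffic it was written for. Other rule constructors and the consumer are outside this diff, so this needs checking there. I would define the sentinel once in a shared header, e.g. `#define PF_PRIO_ANY 0xff` (name constructed for illustration), and use it in all three places, or invert the encoding so that 0 remains the unset value. The anchorrule and pfrule actions both begin and end outside their hunks.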
@@ -1,4 +1,4 @@ -/* $OpenBSD: pfctl_parser.c,v 1.302 2015/02/07 23:35:27 tedu Exp $ */ +/* $OpenBSD: pfctl_parser.c,v 1.303 2015/02/10 06:45:55 henning Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -853,6 +853,8 @@ print_rule(struct pf_rule *r, const char *anchor_call, int opts) } if (r->tos) printf(" tos 0x%2.2x", r->tos); + if (r->prio != 0xff) + printf(" prio %u", r->prio); if (r->scrub_flags & PFSTATE_SETMASK || r->qname[0]) { char *comma = ""; |