src - OpenBSD base system

diff options


context:
space:
mode:

author	Daniel Hartmeier <dhartmei@cvs.openbsd.org>	2003-01-05 22:14:24 +0000
committer	Daniel Hartmeier <dhartmei@cvs.openbsd.org>	2003-01-05 22:14:24 +0000
commit	e90372b0147e36057b0216cf1cb442f1b8c3955f (patch)
tree	0cdac851fa7f60405ef7ca54c0ea123c33277a25 /sbin/pfctl
parent	09dcd6125afd8c7e7c8822dc484f471faa7f0457 (diff)

Move ifname from pf_addr to pf_addr_wrap, prepare pf_addr_wrap for table

name. ok henning@, mcbride@, cedric@

Diffstat (limited to 'sbin/pfctl')

-rw-r--r--

sbin/pfctl/parse.y

132

-rw-r--r--

sbin/pfctl/pf_print_state.c

-rw-r--r--

sbin/pfctl/pfctl.c

-rw-r--r--

sbin/pfctl/pfctl_parser.c

4 files changed, 106 insertions, 101 deletions

diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y
index c3ecf67540d..6524ab90b54 100644
--- a/sbin/pfctl/parse.y
+++ b/sbin/pfctl/parse.y

@@ -1,4 +1,4 @@

-/* $OpenBSD: parse.y,v 1.276 2003/01/04 17:40:51 dhartmei Exp $ */

+/* $OpenBSD: parse.y,v 1.277 2003/01/05 22:14:23 dhartmei Exp $ */

@@ -1513,9 +1513,9 @@ address : '(' STRING ')' {

err(1, "address: calloc");

$$->af = 0;

set_ipmask($$, 128);

- $$->addr.addr_dyn = (struct pf_addr_dyn *)1;

- strlcpy($$->addr.addr.pfa.ifname, $2,

- sizeof($$->addr.addr.pfa.ifname));

+ $$->addr.type = PF_ADDR_DYNIFTL;

+ strlcpy($$->addr.v.ifname, $2,

+ sizeof($$->addr.v.ifname));

$$->next = NULL;

$$->tail = $$;

}

@@ -2219,10 +2219,10 @@ natrule : no NAT interface af proto fromto redirpool pooltype staticport

}

} else {

if ((nat.af == AF_INET &&

- unmask(&$7->host->addr.mask,

+ unmask(&$7->host->addr.v.a.mask,

nat.af) == 32) ||

(nat.af == AF_INET6 &&

- unmask(&$7->host->addr.mask,

+ unmask(&$7->host->addr.v.a.mask,

nat.af) == 128)) {

nat.rpool.opts = PF_POOL_NONE;

} else {

@@ -2282,7 +2282,7 @@ binatrule : no BINAT interface af proto FROM host TO ipspec redirection

yyerror("multiple binat ip addresses");

YYERROR;

}

- if ($7->addr.addr_dyn != NULL) {

+ if ($7->addr.type == PF_ADDR_DYNIFTL) {

if (!binat.af) {

yyerror("address family (inet/"

"inet6) undefined");

@@ -2295,10 +2295,12 @@ binatrule : no BINAT interface af proto FROM host TO ipspec redirection

YYERROR;

}

binat.af = $7->af;

- memcpy(&binat.src.addr.addr, &$7->addr.addr,

- sizeof(binat.src.addr.addr));

- memcpy(&binat.src.addr.mask, &$7->addr.mask,

- sizeof(binat.src.addr.mask));

+ memcpy(&binat.src.addr.v.a.addr,

+ &$7->addr.v.a.addr,

+ sizeof(binat.src.addr.v.a.addr));

+ memcpy(&binat.src.addr.v.a.mask,

+ &$7->addr.v.a.mask,

+ sizeof(binat.src.addr.v.a.mask));

free($7);

}

if ($9 != NULL) {

@@ -2306,7 +2308,7 @@ binatrule : no BINAT interface af proto FROM host TO ipspec redirection

yyerror("multiple binat ip addresses");

YYERROR;

}

- if ($9->addr.addr_dyn != NULL) {

+ if ($9->addr.type == PF_ADDR_DYNIFTL) {

if (!binat.af) {

yyerror("address family (inet/"

"inet6) undefined");

@@ -2319,10 +2321,12 @@ binatrule : no BINAT interface af proto FROM host TO ipspec redirection

YYERROR;

}

binat.af = $9->af;

- memcpy(&binat.dst.addr.addr, &$9->addr.addr,

- sizeof(binat.dst.addr.addr));

- memcpy(&binat.dst.addr.mask, &$9->addr.mask,

- sizeof(binat.dst.addr.mask));

+ memcpy(&binat.dst.addr.v.a.addr,

+ &$9->addr.v.a.addr,

+ sizeof(binat.dst.addr.v.a.addr));

+ memcpy(&binat.dst.addr.v.a.mask,

+ &$9->addr.v.a.mask,

+ sizeof(binat.dst.addr.v.a.mask));

binat.dst.not = $9->not;

free($9);

}

@@ -2349,9 +2353,9 @@ binatrule : no BINAT interface af proto FROM host TO ipspec redirection

YYERROR;

}

- if (!PF_AZERO(&binat.src.addr.mask, binat.af) &&

- !PF_AEQ(&binat.src.addr.mask,

- &$10->host->addr.mask, binat.af)) {

+ if (!PF_AZERO(&binat.src.addr.v.a.mask, binat.af) &&

+ !PF_AEQ(&binat.src.addr.v.a.mask,

+ &$10->host->addr.v.a.mask, binat.af)) {

yyerror("'binat' source mask and "

"redirect mask must be the same");

YYERROR;

@@ -2392,19 +2396,23 @@ rdrrule : no RDR interface af proto FROM ipspec TO ipspec dport

rdr.af = $4;

if ($7 != NULL) {

- memcpy(&rdr.src.addr.addr, &$7->addr.addr,

- sizeof(rdr.src.addr.addr));

- memcpy(&rdr.src.addr.mask, &$7->addr.mask,

- sizeof(rdr.src.addr.mask));

+ memcpy(&rdr.src.addr.v.a.addr,

+ &$7->addr.v.a.addr,

+ sizeof(rdr.src.addr.v.a.addr));

+ memcpy(&rdr.src.addr.v.a.mask,

+ &$7->addr.v.a.mask,

+ sizeof(rdr.src.addr.v.a.mask));

rdr.src.not = $7->not;

if (!rdr.af && !$7->ifindex)

rdr.af = $7->af;

}

if ($9 != NULL) {

- memcpy(&rdr.dst.addr.addr, &$9->addr.addr,

- sizeof(rdr.dst.addr.addr));

- memcpy(&rdr.dst.addr.mask, &$9->addr.mask,

- sizeof(rdr.dst.addr.mask));

+ memcpy(&rdr.dst.addr.v.a.addr,

+ &$9->addr.v.a.addr,

+ sizeof(rdr.dst.addr.v.a.addr));

+ memcpy(&rdr.dst.addr.v.a.mask,

+ &$9->addr.v.a.mask,

+ sizeof(rdr.dst.addr.v.a.mask));

rdr.dst.not = $9->not;

if (!rdr.af && !$9->ifindex)

rdr.af = $9->af;

@@ -2453,10 +2461,10 @@ rdrrule : no RDR interface af proto FROM ipspec TO ipspec dport

}

} else {

if ((rdr.af == AF_INET &&

- unmask(&$11->host->addr.mask,

+ unmask(&$11->host->addr.v.a.mask,

rdr.af) == 32) ||

(rdr.af == AF_INET6 &&

- unmask(&$11->host->addr.mask,

+ unmask(&$11->host->addr.v.a.mask,

rdr.af) == 128)) {

rdr.rpool.opts = PF_POOL_NONE;

} else {

@@ -2668,8 +2676,8 @@ rule_consistent(struct pf_rule *r)

yyerror("allow-opts can only be specified for pass rules");

problems++;

}

- if (!r->af && (r->src.addr.addr_dyn != NULL ||

- r->dst.addr.addr_dyn != NULL)) {

+ if (!r->af && (r->src.addr.type == PF_ADDR_DYNIFTL ||

+ r->dst.addr.type == PF_ADDR_DYNIFTL)) {

yyerror("dynamic addresses require address family "

"(inet/inet6)");

problems++;

@@ -2698,7 +2706,7 @@ nat_consistent(struct pf_rule *r)

if (!r->af) {

TAILQ_FOREACH(pa, &r->rpool.list, entries) {

- if (pa->addr.addr.addr_dyn != NULL) {

+ if (pa->addr.addr.type == PF_ADDR_DYNIFTL) {

yyerror("dynamic addresses require "

"address family (inet/inet6)");

problems++;

@@ -2721,14 +2729,14 @@ rdr_consistent(struct pf_rule *r)

problems++;

}

if (!r->af) {

- if (r->src.addr.addr_dyn != NULL ||

- r->dst.addr.addr_dyn != NULL) {

+ if (r->src.addr.type == PF_ADDR_DYNIFTL ||

+ r->dst.addr.type == PF_ADDR_DYNIFTL) {

yyerror("dynamic addresses require address family "

"(inet/inet6)");

problems++;

} else {

TAILQ_FOREACH(pa, &r->rpool.list, entries) {

- if (pa->addr.addr.addr_dyn != NULL) {

+ if (pa->addr.addr.type == PF_ADDR_DYNIFTL) {

yyerror("dynamic addresses require "

"address family (inet/inet6)");

problems++;

@@ -2807,23 +2815,23 @@ expand_label_addr(const char *name, char *label, sa_family_t af,

if (h->not)

strlcat(tmp, "! ", PF_RULE_LABEL_SIZE);

- if (h->addr.addr_dyn != NULL) {

+ if (h->addr.type == PF_ADDR_DYNIFTL) {

strlcat(tmp, "(", PF_RULE_LABEL_SIZE);

- strlcat(tmp, h->addr.addr.pfa.ifname,

+ strlcat(tmp, h->addr.v.ifname,

PF_RULE_LABEL_SIZE);

strlcat(tmp, ")", PF_RULE_LABEL_SIZE);

- } else if (!af || (PF_AZERO(&h->addr.addr, af) &&

- PF_AZERO(&h->addr.mask, af)))

+ } else if (!af || (PF_AZERO(&h->addr.v.a.addr, af) &&

+ PF_AZERO(&h->addr.v.a.mask, af)))

strlcat(tmp, "any", PF_RULE_LABEL_SIZE);

else {

char a[48];

int bits;

- if (inet_ntop(af, &h->addr.addr, a,

+ if (inet_ntop(af, &h->addr.v.a.addr, a,

sizeof(a)) == NULL)

strlcat(a, "?", sizeof(a));

strlcat(tmp, a, PF_RULE_LABEL_SIZE);

- bits = unmask(&h->addr.mask, af);

+ bits = unmask(&h->addr.v.a.mask, af);

a[0] = 0;

if ((af == AF_INET && bits < 32) ||

(af == AF_INET6 && bits < 128))

@@ -3784,7 +3792,7 @@ set_ipmask(struct node_host *h, u_int8_t b)

struct pf_addr *m, *n;

int i, j = 0;

- m = &h->addr.mask;

+ m = &h->addr.v.a.mask;

for (i = 0; i < 4; i++)

m->addr32[i] = 0;

@@ -3799,7 +3807,7 @@ set_ipmask(struct node_host *h, u_int8_t b)

m->addr32[j] = htonl(m->addr32[j]);

/* Mask off bits of the address that will never be used. */

- n = &h->addr.addr;

+ n = &h->addr.v.a.addr;

for (i = 0; i < 4; i++)

n->addr32[i] = n->addr32[i] & m->addr32[i];

}

@@ -3868,7 +3876,6 @@ ifa_load(void)

if (n == NULL)

err(1, "address: calloc");

n->af = ifa->ifa_addr->sa_family;

- n->addr.addr_dyn = NULL;

n->ifa_flags = ifa->ifa_flags;

#ifdef __KAME__

if (n->af == AF_INET6 &&

@@ -3886,10 +3893,10 @@ ifa_load(void)

#endif

n->ifindex = 0;

if (n->af == AF_INET) {

- memcpy(&n->addr.addr, &((struct sockaddr_in *)

+ memcpy(&n->addr.v.a.addr, &((struct sockaddr_in *)

ifa->ifa_addr)->sin_addr.s_addr,

sizeof(struct in_addr));

- memcpy(&n->addr.mask, &((struct sockaddr_in *)

+ memcpy(&n->addr.v.a.mask, &((struct sockaddr_in *)

ifa->ifa_netmask)->sin_addr.s_addr,

sizeof(struct in_addr));

if (ifa->ifa_broadaddr != NULL)

@@ -3897,10 +3904,10 @@ ifa_load(void)

ifa->ifa_broadaddr)->sin_addr.s_addr,

sizeof(struct in_addr));

} else if (n->af == AF_INET6) {

- memcpy(&n->addr.addr, &((struct sockaddr_in6 *)

+ memcpy(&n->addr.v.a.addr, &((struct sockaddr_in6 *)

ifa->ifa_addr)->sin6_addr.s6_addr,

sizeof(struct in6_addr));

- memcpy(&n->addr.mask, &((struct sockaddr_in6 *)

+ memcpy(&n->addr.v.a.mask, &((struct sockaddr_in6 *)

ifa->ifa_netmask)->sin6_addr.s6_addr,

sizeof(struct in6_addr));

if (ifa->ifa_broadaddr != NULL)

@@ -3966,20 +3973,20 @@ ifa_lookup(char *ifa_name, enum pfctl_iflookup_mode mode)

if (n == NULL)

err(1, "address: calloc");

n->af = p->af;

- n->addr.addr_dyn = NULL;

- if (mode == PFCTL_IFLOOKUP_BCAST) {

- memcpy(&n->addr.addr, &p->bcast,

- sizeof(struct pf_addr));

- } else

- memcpy(&n->addr.addr, &p->addr.addr,

+ if (mode == PFCTL_IFLOOKUP_BCAST)

+ memcpy(&n->addr.v.a.addr, &p->bcast,

+ sizeof(struct pf_addr));

+ else

+ memcpy(&n->addr.v.a.addr, &p->addr.v.a.addr,

sizeof(struct pf_addr));

if (mode == PFCTL_IFLOOKUP_NET)

- set_ipmask(n, unmask(&p->addr.mask, n->af));

+ set_ipmask(n, unmask(&p->addr.v.a.mask, n->af));

else {

if (n->af == AF_INET) {

if (p->ifa_flags & IFF_LOOPBACK &&

p->ifa_flags & IFF_LINK1)

- memcpy(&n->addr.mask, &p->addr.mask,

+ memcpy(&n->addr.v.a.mask,

+ &p->addr.v.a.mask,

sizeof(struct pf_addr));

else

set_ipmask(n, 32);

@@ -4098,8 +4105,7 @@ host(char *s, int mask)

err(1, "address: calloc");

h->ifname = NULL;

h->af = AF_INET;

- h->addr.addr_dyn = NULL;

- h->addr.addr.addr32[0] = ina.s_addr;

+ h->addr.v.a.addr.addr32[0] = ina.s_addr;

set_ipmask(h, bits);

h->next = NULL;

h->tail = h;

@@ -4118,10 +4124,9 @@ host(char *s, int mask)

err(1, "address: calloc");

n->ifname = NULL;

n->af = AF_INET6;

- n->addr.addr_dyn = NULL;

- memcpy(&n->addr.addr,

+ memcpy(&n->addr.v.a.addr,

&((struct sockaddr_in6 *)res->ai_addr)->sin6_addr,

- sizeof(n->addr.addr));

+ sizeof(n->addr.v.a.addr));

n->ifindex = ((struct sockaddr_in6 *)res->ai_addr)->sin6_scope_id;

set_ipmask(n, v6mask);

freeaddrinfo(res);

@@ -4148,14 +4153,13 @@ host(char *s, int mask)

err(1, "address: calloc");

n->ifname = NULL;

n->af = res->ai_family;

- n->addr.addr_dyn = NULL;

if (res->ai_family == AF_INET) {

- memcpy(&n->addr.addr,

+ memcpy(&n->addr.v.a.addr,

&((struct sockaddr_in *)res->ai_addr)->sin_addr.s_addr,

sizeof(struct in_addr));

set_ipmask(n, v4mask);

} else {

- memcpy(&n->addr.addr,

+ memcpy(&n->addr.v.a.addr,

&((struct sockaddr_in6 *)res->ai_addr)->sin6_addr.s6_addr,

sizeof(struct in6_addr));

n->ifindex =

diff --git a/sbin/pfctl/pf_print_state.c b/sbin/pfctl/pf_print_state.c
index dabece9756d..bafcc1166b5 100644
--- a/sbin/pfctl/pf_print_state.c
+++ b/sbin/pfctl/pf_print_state.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: pf_print_state.c,v 1.16 2003/01/04 00:01:34 deraadt Exp $ */

+/* $OpenBSD: pf_print_state.c,v 1.17 2003/01/05 22:14:23 dhartmei Exp $ */

@@ -62,25 +62,25 @@ print_addr(struct pf_addr_wrap *addr, sa_family_t af)

{

char buf[48];

- if (addr->mask.addr32[0] == PF_TABLE_MASK) {

+ if (addr->v.a.mask.addr32[0] == PF_TABLE_MASK) {

struct pfr_table tbl = { "?" };

if (pfr_unwrap_table(&tbl, addr, 0))

- printf("<0x%08X>", addr->addr.addr32[0]);

+ printf("<0x%08X>", addr->v.a.addr.addr32[0]);

else

printf("<%s>", tbl.pfrt_name);

return;

}

- if (addr->addr_dyn != NULL)

- printf("(%s)", addr->addr.pfa.ifname);

+ if (addr->type == PF_ADDR_DYNIFTL)

+ printf("(%s)", addr->v.ifname);

else {

- if (inet_ntop(af, &addr->addr, buf, sizeof(buf)) == NULL)

+ if (inet_ntop(af, &addr->v.a.addr, buf, sizeof(buf)) == NULL)

printf("?");

else

printf("%s", buf);

}

- if (! PF_AZERO(&addr->mask, af)) {

- int bits = unmask(&addr->mask, af);

+ if (! PF_AZERO(&addr->v.a.mask, af)) {

+ int bits = unmask(&addr->v.a.mask, af);

if (bits != (af == AF_INET ? 32 : 128))

printf("/%d", bits);

@@ -130,9 +130,9 @@ print_host(struct pf_state_host *h, sa_family_t af, int opts)

else {

struct pf_addr_wrap aw;

- aw.addr = h->addr;

- memset(&aw.mask, 0xff, sizeof(aw.mask));

- aw.addr_dyn = NULL;

+ memset(&aw, 0, sizeof(aw));

+ aw.v.a.addr = h->addr;

+ memset(&aw.v.a.mask, 0xff, sizeof(aw.v.a.mask));

print_addr(&aw, af);

}

diff --git a/sbin/pfctl/pfctl.c b/sbin/pfctl/pfctl.c
index 147359db81d..924737b25e8 100644
--- a/sbin/pfctl/pfctl.c
+++ b/sbin/pfctl/pfctl.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: pfctl.c,v 1.122 2003/01/04 00:01:34 deraadt Exp $ */

+/* $OpenBSD: pfctl.c,v 1.123 2003/01/05 22:14:23 dhartmei Exp $ */

@@ -326,7 +326,8 @@ pfctl_kill_states(int dev, int opts)

killed = sources = dests = 0;

memset(&psk, 0, sizeof(psk));

- memset(&psk.psk_src.addr.mask, 0xff, sizeof(psk.psk_src.addr.mask));

+ memset(&psk.psk_src.addr.v.a.mask, 0xff,

+ sizeof(psk.psk_src.addr.v.a.mask));

memset(&last_src, 0xff, sizeof(last_src));

memset(&last_dst, 0xff, sizeof(last_dst));

@@ -346,10 +347,10 @@ pfctl_kill_states(int dev, int opts)

sources++;

if (psk.psk_af == AF_INET)

- psk.psk_src.addr.addr.v4 =

+ psk.psk_src.addr.v.a.addr.v4 =

((struct sockaddr_in *)resp[0]->ai_addr)->sin_addr;

else if (psk.psk_af == AF_INET6)

- psk.psk_src.addr.addr.v6 =

+ psk.psk_src.addr.v.a.addr.v6 =

((struct sockaddr_in6 *)resp[0]->ai_addr)->

sin6_addr;

else

@@ -357,8 +358,8 @@ pfctl_kill_states(int dev, int opts)

if (state_killers > 1) {

dests = 0;

- memset(&psk.psk_dst.addr.mask, 0xff,

- sizeof(psk.psk_dst.addr.mask));

+ memset(&psk.psk_dst.addr.v.a.mask, 0xff,

+ sizeof(psk.psk_dst.addr.v.a.mask));

memset(&last_dst, 0xff, sizeof(last_dst));

if ((ret_ga = getaddrinfo(state_kill[1], NULL, NULL,

&res[1]))) {

@@ -380,11 +381,11 @@ pfctl_kill_states(int dev, int opts)

dests++;

if (psk.psk_af == AF_INET)

- psk.psk_dst.addr.addr.v4 =

+ psk.psk_dst.addr.v.a.addr.v4 =

((struct sockaddr_in *)resp[1]->

ai_addr)->sin_addr;

else if (psk.psk_af == AF_INET6)

- psk.psk_dst.addr.addr.v6 =

+ psk.psk_dst.addr.v.a.addr.v6 =

((struct sockaddr_in6 *)resp[1]->

ai_addr)->sin6_addr;

else

diff --git a/sbin/pfctl/pfctl_parser.c b/sbin/pfctl/pfctl_parser.c
index f85c3c06255..ad0d6774e86 100644
--- a/sbin/pfctl/pfctl_parser.c
+++ b/sbin/pfctl/pfctl_parser.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: pfctl_parser.c,v 1.126 2003/01/04 17:40:51 dhartmei Exp $ */

+/* $OpenBSD: pfctl_parser.c,v 1.127 2003/01/05 22:14:23 dhartmei Exp $ */

@@ -354,17 +354,17 @@ print_fromto(struct pf_rule_addr *src, struct pf_rule_addr *dst,

{

if (src->addr.type != PF_ADDR_NOROUTE &&

dst->addr.type != PF_ADDR_NOROUTE &&

- PF_AZERO(&src->addr.addr, AF_INET6) &&

- PF_AZERO(&src->addr.mask, AF_INET6) &&

- !src->port_op && PF_AZERO(&dst->addr.addr, AF_INET6) &&

- PF_AZERO(&dst->addr.mask, AF_INET6) && !dst->port_op)

+ PF_AZERO(&src->addr.v.a.addr, AF_INET6) &&

+ PF_AZERO(&src->addr.v.a.mask, AF_INET6) &&

+ !src->port_op && PF_AZERO(&dst->addr.v.a.addr, AF_INET6) &&

+ PF_AZERO(&dst->addr.v.a.mask, AF_INET6) && !dst->port_op)

printf("all ");

else {

printf("from ");

if (src->addr.type == PF_ADDR_NOROUTE)

printf("no-route ");

- else if (PF_AZERO(&src->addr.addr, AF_INET6) &&

- PF_AZERO(&src->addr.mask, AF_INET6))

+ else if (PF_AZERO(&src->addr.v.a.addr, AF_INET6) &&

+ PF_AZERO(&src->addr.v.a.mask, AF_INET6))

printf("any ");

else {

if (src->not)

@@ -380,8 +380,8 @@ print_fromto(struct pf_rule_addr *src, struct pf_rule_addr *dst,

printf("to ");

if (dst->addr.type == PF_ADDR_NOROUTE)

printf("no-route ");

- else if (PF_AZERO(&dst->addr.addr, AF_INET6) &&

- PF_AZERO(&dst->addr.mask, AF_INET6))

+ else if (PF_AZERO(&dst->addr.v.a.addr, AF_INET6) &&

+ PF_AZERO(&dst->addr.v.a.mask, AF_INET6))

printf("any ");

else {

if (dst->not)

@@ -438,7 +438,7 @@ print_pool(struct pf_pool *pool, u_int16_t p1, u_int16_t p2,

print_addr(&pooladdr->addr.addr, af);

break;

case PF_PASS:

- if (PF_AZERO(&pooladdr->addr.addr.addr, af))

+ if (PF_AZERO(&pooladdr->addr.addr.v.a.addr, af))

printf("%s", pooladdr->ifname);

else {

printf("(%s ", pooladdr->ifname);

@@ -568,15 +568,15 @@ print_binat(struct pf_rule *b, int verbose)

printf("proto %u ", b->proto);

}

printf("from ");

- if (!PF_AZERO(&b->src.addr.addr, b->af) ||

- !PF_AZERO(&b->src.addr.mask, b->af)) {

+ if (!PF_AZERO(&b->src.addr.v.a.addr, b->af) ||

+ !PF_AZERO(&b->src.addr.v.a.mask, b->af)) {

print_addr(&b->src.addr, b->af);

printf(" ");

} else

printf("any ");

printf("to ");

- if (!PF_AZERO(&b->dst.addr.addr, b->af) ||

- !PF_AZERO(&b->dst.addr.mask, b->af)) {

+ if (!PF_AZERO(&b->dst.addr.v.a.addr, b->af) ||

+ !PF_AZERO(&b->dst.addr.v.a.mask, b->af)) {

if (b->dst.not)

printf("! ");

print_addr(&b->dst.addr, b->af);

@@ -623,8 +623,8 @@ print_rdr(struct pf_rule *r, int verbose)

printf("proto %u ", r->proto);

}

printf("from ");

- if (!PF_AZERO(&r->src.addr.addr, r->af) ||

- !PF_AZERO(&r->src.addr.mask, r->af)) {

+ if (!PF_AZERO(&r->src.addr.v.a.addr, r->af) ||

+ !PF_AZERO(&r->src.addr.v.a.mask, r->af)) {

if (r->src.not)

printf("! ");

print_addr(&r->src.addr, r->af);

@@ -632,8 +632,8 @@ print_rdr(struct pf_rule *r, int verbose)

} else

printf("any ");

printf("to ");

- if (!PF_AZERO(&r->dst.addr.addr, r->af) ||

- !PF_AZERO(&r->dst.addr.mask, r->af)) {

+ if (!PF_AZERO(&r->dst.addr.v.a.addr, r->af) ||

+ !PF_AZERO(&r->dst.addr.v.a.mask, r->af)) {

if (r->dst.not)

printf("! ");

print_addr(&r->dst.addr, r->af);