diff options
| author | Cedric Berger <cedric@cvs.openbsd.org> | 2004-06-12 22:22:45 +0000 |
|---|---|---|
| committer | Cedric Berger <cedric@cvs.openbsd.org> | 2004-06-12 22:22:45 +0000 |
| commit | 0fbac0108c25d248520ed15ba6befac349f0a689 (patch) | |
| tree | 68a2ef1c78e5ef5daf0d868eddc0babd66690be8 /sbin/pfctl | |
| parent | cbc7a67ab6def6348886a4bf10cbab4586d25454 (diff) | |
Fix table add/replace commands with securelevel=2.
Reported by James J. Lippard. ok otto@
Diffstat (limited to 'sbin/pfctl')
| -rw-r--r-- | sbin/pfctl/pfctl_table.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/sbin/pfctl/pfctl_table.c b/sbin/pfctl/pfctl_table.c index def22571f69..34b940dbf7f 100644 --- a/sbin/pfctl/pfctl_table.c +++ b/sbin/pfctl/pfctl_table.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfctl_table.c,v 1.60 2004/05/19 17:50:51 dhartmei Exp $ */ +/* $OpenBSD: pfctl_table.c,v 1.61 2004/06/12 22:22:44 cedric Exp $ */ /* * Copyright (c) 2002 Cedric Berger @@ -85,7 +85,13 @@ static const char *istats_text[2][2][2] = { #define CREATE_TABLE do { \ table.pfrt_flags |= PFR_TFLAG_PERSIST; \ - RVTEST(pfr_add_tables(&table, 1, &nadd, flags)); \ + if ((!(opts & PF_OPT_NOACTION) || \ + (opts & PF_OPT_DUMMYACTION)) && \ + (pfr_add_tables(&table, 1, &nadd, flags)) && \ + (errno != EPERM)) { \ + radix_perror(); \ + goto _error; \ + } \ if (nadd) { \ warn_namespace_collision(table.pfrt_name); \ xprintf(opts, "%d table created", nadd); \ |