diff options
| author | Daniel Hartmeier <dhartmei@cvs.openbsd.org> | 2001-09-15 21:49:20 +0000 |
|---|---|---|
| committer | Daniel Hartmeier <dhartmei@cvs.openbsd.org> | 2001-09-15 21:49:20 +0000 |
| commit | dcdccf5b36f2a18cdadc776e9f38cc6a66b63542 (patch) | |
| tree | bc092cf085b95cc1a032b8dc3374b6695448e4ad /sbin/pfctl | |
| parent | 4b641cc89ec35c9acf6d74eea6218bc4e4686ee5 (diff) | |
Fix 'binat ... to any ...' (binat.af wasn't set).
Diffstat (limited to 'sbin/pfctl')
| -rw-r--r-- | sbin/pfctl/parse.y | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y index b0df340e8fb..15e3ac89392 100644 --- a/sbin/pfctl/parse.y +++ b/sbin/pfctl/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.33 2001/09/15 11:21:50 dhartmei Exp $ */ +/* $OpenBSD: parse.y,v 1.34 2001/09/15 21:49:19 dhartmei Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -748,7 +748,7 @@ binatrule : BINAT interface proto FROM address TO ipspec ARROW address } if ($5 != NULL && $7 != NULL) { if ($5->af && $7->af && $5->af != $7->af) { - yyerror("nat ip versions must match"); + yyerror("binat ip versions must match"); YYERROR; } else { if ($5->af) @@ -775,6 +775,12 @@ binatrule : BINAT interface proto FROM address TO ipspec ARROW address yyerror("binat rule requires redirection address"); YYERROR; } + /* we don't support IPv4 <-> IPv6 binat... yet */ + if (binat.af && $9->af != binat.af) { + yyerror("binat ip versions must match"); + YYERROR; + } else + binat.af = $9->af; memcpy(&binat.raddr, &$9->addr, sizeof(binat.raddr)); free($9); pfctl_add_binat(pf, &binat); |