diff options
| author | Ryan Thomas McBride <mcbride@cvs.openbsd.org> | 2003-01-25 22:53:46 +0000 |
|---|---|---|
| committer | Ryan Thomas McBride <mcbride@cvs.openbsd.org> | 2003-01-25 22:53:46 +0000 |
| commit | 5eaf17bc7c452508d29093af7d514b6bc52edd70 (patch) | |
| tree | 902cc2fb50935e18353a36162f3c0db1ce10ad8b /sbin | |
| parent | 542008969a1e5b933f10cb8012464df201215253 (diff) | |
Match changes for rdr port ranges made to pf.c:
- fixes behaviour of rdr on le0 from foo to bar port 1:20 -> (lo0) port 22
- makes calculated mapping more explicit for the -> (lo0) port 22:* case
testing from dhartmei@
ok dhartmei@
Diffstat (limited to 'sbin')
| -rw-r--r-- | sbin/pfctl/parse.y | 14 | ||||
| -rw-r--r-- | sbin/pfctl/pfctl_parser.c | 10 |
2 files changed, 15 insertions, 9 deletions
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y index e953ca4ee9e..deef34e346e 100644 --- a/sbin/pfctl/parse.y +++ b/sbin/pfctl/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.299 2003/01/25 18:16:05 cedric Exp $ */ +/* $OpenBSD: parse.y,v 1.300 2003/01/25 22:53:45 mcbride Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -2075,13 +2075,15 @@ rport : STRING { if (($$.a = getservice($1)) == -1) YYERROR; $$.b = 0; - $$.t = PF_OP_RRG; + $$.t = 1; } else { *p++ = 0; if (($$.a = getservice($1)) == -1 || ($$.b = getservice(p)) == -1) YYERROR; - $$.t = PF_OP_RRG; + if ($$.a == $$.b) + $$.b = 0; + $$.t = 0; } } ; @@ -2515,7 +2517,11 @@ rdrrule : no RDR interface af proto FROM ipspec TO ipspec dport if ($11->host == NULL) YYERROR; rdr.rpool.proxy_port[0] = $11->rport.a; - rdr.rpool.port_op |= $11->rport.t; + if ($11->rport.t && $10.b) { + rdr.rpool.proxy_port[1] = $11->rport.a + + (rdr.dst.port[1] - rdr.dst.port[0]); + } else + rdr.rpool.proxy_port[1] = $11->rport.b; if ($11->host->next) { rdr.rpool.opts = $12.type; diff --git a/sbin/pfctl/pfctl_parser.c b/sbin/pfctl/pfctl_parser.c index 50c407d2f89..46933549cc1 100644 --- a/sbin/pfctl/pfctl_parser.c +++ b/sbin/pfctl/pfctl_parser.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfctl_parser.c,v 1.133 2003/01/20 17:16:56 cedric Exp $ */ +/* $OpenBSD: pfctl_parser.c,v 1.134 2003/01/25 22:53:45 mcbride Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -478,8 +478,8 @@ print_pool(struct pf_pool *pool, u_int16_t p1, u_int16_t p2, case PF_RDR: if (p1) { printf(" port %u", ntohs(p1)); - if (p2 & PF_OP_RRG) - printf(":*"); + if (p2) + printf(":%u", ntohs(p2)); } break; default: @@ -653,14 +653,14 @@ print_rdr(struct pf_rule *r, int verbose) printf("any "); if (r->dst.port[0]) { printf("port %u", ntohs(r->dst.port[0])); - if (r->rpool.port_op & PF_OP_RRG) + if (r->dst.port_op & PF_OP_RRG) printf(":%u", ntohs(r->dst.port[1])); printf(" "); } if (!r->anchorname[0] && (r->action == PF_RDR)) { printf("-> "); print_pool(&r->rpool, r->rpool.proxy_port[0], - r->rpool.port_op, r->af, PF_RDR); + r->rpool.proxy_port[1], r->af, PF_RDR); } printf("\n"); } |