diff options
| author | Stuart Henderson <sthen@cvs.openbsd.org> | 2015-02-14 23:32:42 +0000 |
|---|---|---|
| committer | Stuart Henderson <sthen@cvs.openbsd.org> | 2015-02-14 23:32:42 +0000 |
| commit | 28b9890ce8491d8519bd797125a29608a7ed5b84 (patch) | |
| tree | 68ff2b4a0c522eaf0debf21d842997d829c7b3d0 /sys | |
| parent | d84e9c0f044177cb463ed4ffad6c370ca0fe493f (diff) | |
Rather than using 0xff as a placeholder for "don't check prio", use 0xff to
mean "prio is 0". This avoids the need for code changes in programs which add
pf rules (as was done in pfctl but not other programs) to handle the new
"check prio" functionality. Specifically this unbreaks ftp-proxy.
Use of #define rather than magic 0xff suggested by benno.
ok benno "if henning doesnt like it he can change it when he recovers from jet-lag"
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/net/pf.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c index 31417a64fe3..800436b7a0a 100644 --- a/sys/net/pf.c +++ b/sys/net/pf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf.c,v 1.905 2015/02/12 01:24:10 henning Exp $ */ +/* $OpenBSD: pf.c,v 1.906 2015/02/14 23:32:41 sthen Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -3233,8 +3233,8 @@ pf_test_rule(struct pf_pdesc *pd, struct pf_rule **rm, struct pf_state **sm, PF_TEST_ATTRIB((r->rcv_kif && pf_match_rcvif(pd->m, r) == r->rcvifnot), TAILQ_NEXT(r, entries)); - PF_TEST_ATTRIB((r->prio != 0xff && - r->prio != pd->m->m_pkthdr.pf.prio), + PF_TEST_ATTRIB((r->prio && + (r->prio == PF_PRIO_ZERO ? 0 : r->prio) != pd->m->m_pkthdr.pf.prio), TAILQ_NEXT(r, entries)); /* FALLTHROUGH */ |