diff options
| author | Claudio Jeker <claudio@cvs.openbsd.org> | 2020-10-02 09:14:34 +0000 |
|---|---|---|
| committer | Claudio Jeker <claudio@cvs.openbsd.org> | 2020-10-02 09:14:34 +0000 |
| commit | d4d4b47d139df9ba2eac4e2a5e0004595b117a3d (patch) | |
| tree | 3705603bd24f2e6cd5696cfeb40d539b709abbb9 /sys | |
| parent | 5dbd6972d0f1a893d71b5daa3de73c58c2e33548 (diff) | |
relax check for valid onrdomain range. onrdomain is -1 if the value is
unused by the rule. So skip the rest of the check in that case.
Fixes rulest loading for semarie@
OK semarie@
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/net/pf_ioctl.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/sys/net/pf_ioctl.c b/sys/net/pf_ioctl.c index 4f26890e9e0..ef7d995e5a7 100644 --- a/sys/net/pf_ioctl.c +++ b/sys/net/pf_ioctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_ioctl.c,v 1.357 2020/10/01 14:02:08 kn Exp $ */ +/* $OpenBSD: pf_ioctl.c,v 1.358 2020/10/02 09:14:33 claudio Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -2820,7 +2820,8 @@ pf_rule_copyin(struct pf_rule *from, struct pf_rule *to, if (to->rtableid >= 0 && !rtable_exists(to->rtableid)) return (EBUSY); to->onrdomain = from->onrdomain; - if (to->onrdomain < 0 || to->onrdomain > RT_TABLEID_MAX) + if (to->onrdomain != -1 && (to->onrdomain < 0 || + to->onrdomain > RT_TABLEID_MAX)) return (EINVAL); for (i = 0; i < PFTM_MAX; i++) |