diff options
author | Reyk Floeter <reyk@cvs.openbsd.org> | 2009-04-01 14:08:54 +0000 |
---|---|---|
committer | Reyk Floeter <reyk@cvs.openbsd.org> | 2009-04-01 14:08:54 +0000 |
commit | 4bd0a5bb0865c3233a6bfae144c72921458f4594 (patch) | |
tree | 42dfea4db23ae7ec5f99593a7e02804c2fd8fe5e /usr.sbin | |
parent | 0a3960004ff96e417e083d57c5ee3802c5ee7fd0 (diff) |
terminate and cleanup properly by setting the pf anchor names
correctly (anchor names with characters after the terminating NUL byte
are considered invalid).
Thanks to camield@
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/relayd/pfe_filter.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/usr.sbin/relayd/pfe_filter.c b/usr.sbin/relayd/pfe_filter.c index 27af721c2a4..86ad73a2e29 100644 --- a/usr.sbin/relayd/pfe_filter.c +++ b/usr.sbin/relayd/pfe_filter.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfe_filter.c,v 1.36 2008/12/08 10:59:44 reyk Exp $ */ +/* $OpenBSD: pfe_filter.c,v 1.37 2009/04/01 14:08:53 reyk Exp $ */ /* * Copyright (c) 2006 Pierre-Yves Ritschard <pyr@openbsd.org> @@ -129,15 +129,17 @@ init_tables(struct relayd *env) } void -kill_tables(struct relayd *env) { +kill_tables(struct relayd *env) +{ struct pfioc_table io; struct rdr *rdr; + int cnt = 0; if (!(env->sc_flags & F_NEEDPF)) return; - memset(&io, 0, sizeof(io)); TAILQ_FOREACH(rdr, env->sc_rdrs, entry) { + memset(&io, 0, sizeof(io)); if (strlcpy(io.pfrio_table.pfrt_anchor, RELAYD_ANCHOR "/", sizeof(io.pfrio_table.pfrt_anchor)) >= PF_ANCHOR_NAME_SIZE) goto toolong; @@ -145,9 +147,10 @@ kill_tables(struct relayd *env) { sizeof(io.pfrio_table.pfrt_anchor)) >= PF_ANCHOR_NAME_SIZE) goto toolong; if (ioctl(env->sc_pf->dev, DIOCRCLRTABLES, &io) == -1) - fatal("kill_tables: ioctl faile: ioctl failed"); + fatal("kill_tables: ioctl failed"); + cnt += io.pfrio_ndel; } - log_debug("kill_tables: deleted %d tables", io.pfrio_ndel); + log_debug("kill_tables: deleted %d tables", cnt); return; toolong: |