diff options
Diffstat (limited to 'sbin')
| -rw-r--r-- | sbin/pfctl/parse.y | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y index b9cc12b4d9a..d803ea7cfa4 100644 --- a/sbin/pfctl/parse.y +++ b/sbin/pfctl/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.112 2002/07/05 18:09:50 henning Exp $ */ +/* $OpenBSD: parse.y,v 1.113 2002/07/08 11:46:32 dhartmei Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -1607,6 +1607,10 @@ rule_consistent(struct pf_rule *r) yyerror("port only applies to tcp/udp"); problems++; } + if (r->proto != IPPROTO_TCP && (r->flags || r->flagset)) { + yyerror("flags only applies to tcp"); + problems++; + } if (r->proto != IPPROTO_ICMP && r->proto != IPPROTO_ICMPV6 && (r->type || r->code)) { yyerror("icmp-type/code only applies to icmp"); |