From ef964c6009a7e784f13089816b0bf37782e4d5c8 Mon Sep 17 00:00:00 2001 From: Henning Brauer Date: Mon, 25 Nov 2002 18:11:35 +0000 Subject: repair decide_address_family you cannot just taked the first address family you meet as rule's address family... either all are equal, or the rule has no explicit AF. found by danh@ ok theo --- sbin/pfctl/parse.y | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y index 1b0e6ceda12..7d5331b86ea 100644 --- a/sbin/pfctl/parse.y +++ b/sbin/pfctl/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.214 2002/11/25 17:44:39 mickey Exp $ */ +/* $OpenBSD: parse.y,v 1.215 2002/11/25 18:11:34 henning Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -3474,11 +3474,19 @@ ifa_lookup(char *ifa_name, enum pfctl_iflookup_mode mode) void decide_address_family(struct node_host *n, sa_family_t *af) { + sa_family_t target_af = 0; + while (!*af && n != NULL) { - if (n->af) - *af = n->af; + if (n->af) { + if (target_af == 0) + target_af = n->af; + if (target_af != n->af) + return; + } n = n->next; } + if (!*af && target_af) + *af = target_af; } void -- cgit v1.2.3