git: d27c9f5bc38e - main - pf: fixup match rules
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 30 Mar 2022 09:17:25 UTC
The branch main has been updated by kp:
URL: https://cgit.FreeBSD.org/src/commit/?id=d27c9f5bc38eda519145092c13bca2823a9998d8
commit d27c9f5bc38eda519145092c13bca2823a9998d8
Author: Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2022-03-29 12:28:37 +0000
Commit: Kristof Provost <kp@FreeBSD.org>
CommitDate: 2022-03-30 08:28:19 +0000
pf: fixup match rules
Ensure that we can set and print match rules in ethernet rules.
Sponsored by: Rubicon Communications, LLC ("Netgate")
---
sbin/pfctl/pfctl_parser.c | 3 ++-
sys/netpfil/pf/pf_nv.c | 3 ++-
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/sbin/pfctl/pfctl_parser.c b/sbin/pfctl/pfctl_parser.c
index b6d1ebc127e1..1bd95b076ce6 100644
--- a/sbin/pfctl/pfctl_parser.c
+++ b/sbin/pfctl/pfctl_parser.c
@@ -744,7 +744,8 @@ void
print_eth_rule(struct pfctl_eth_rule *r, const char *anchor_call,
int rule_numbers)
{
- static const char *actiontypes[] = { "pass", "block" };
+ static const char *actiontypes[] = { "pass", "block", "", "", "", "",
+ "", "", "", "", "", "", "match" };
if (rule_numbers)
printf("@%u ", r->nr);
diff --git a/sys/netpfil/pf/pf_nv.c b/sys/netpfil/pf/pf_nv.c
index 0a79dfb0de7a..85666a5ee111 100644
--- a/sys/netpfil/pf/pf_nv.c
+++ b/sys/netpfil/pf/pf_nv.c
@@ -1170,7 +1170,8 @@ pf_nveth_rule_to_keth_rule(const nvlist_t *nvl,
PFNV_CHK(pf_nvuint8(nvl, "action", &krule->action));
- if (krule->action != PF_PASS && krule->action != PF_DROP)
+ if (krule->action != PF_PASS && krule->action != PF_DROP &&
+ krule->action != PF_MATCH)
return (EBADMSG);
errout: