git: 0d68985b0170 - main - pfctl: unbreak rule optimizer
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 14 Jan 2025 10:37:49 UTC
The branch main has been updated by kp:
URL: https://cgit.FreeBSD.org/src/commit/?id=0d68985b0170f704ee45dfb6c209cc852870d2c2
commit 0d68985b0170f704ee45dfb6c209cc852870d2c2
Author: Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2025-01-07 14:15:15 +0000
Commit: Kristof Provost <kp@FreeBSD.org>
CommitDate: 2025-01-14 08:54:18 +0000
pfctl: unbreak rule optimizer
ok henning, looks
Obtained from: OpenBSD, mikeb <mikeb@openbsd.org>, 4a16887b1b
Sponsored by: Rubicon Communications, LLC ("Netgate")
---
sbin/pfctl/parse.y | 2 +-
sbin/pfctl/pfctl_optimize.c | 1 +
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y
index 3c34b0237895..ff2e2d2c93b7 100644
--- a/sbin/pfctl/parse.y
+++ b/sbin/pfctl/parse.y
@@ -6179,7 +6179,7 @@ expand_rule(struct pfctl_rule *r,
LOOP_THROUGH(struct node_uid, uid, uids,
LOOP_THROUGH(struct node_gid, gid, gids,
- r->naf = r->af = af;
+ r->af = af;
if (r->rule_flag & PFRULE_AFTO) {
assert(nat != NULL);
diff --git a/sbin/pfctl/pfctl_optimize.c b/sbin/pfctl/pfctl_optimize.c
index 9858f38b8671..a688fe484128 100644
--- a/sbin/pfctl/pfctl_optimize.c
+++ b/sbin/pfctl/pfctl_optimize.c
@@ -172,6 +172,7 @@ static struct pf_rule_field {
PF_RULE_FIELD(dst.port_op, NOMERGE),
PF_RULE_FIELD(src.neg, NOMERGE),
PF_RULE_FIELD(dst.neg, NOMERGE),
+ PF_RULE_FIELD(af, NOMERGE),
/* These fields can be merged */
PF_RULE_FIELD(src.addr, COMBINED),