pf label $nr macro expand reproducable bug

From: Özkan KIRIK <ozkan.kirik_at_gmail.com>
Date: Wed, 15 Sep 2021 10:43:54 +0300
Hi,

I'm using FreeBSD stable/12.
I've tested this situation on stable/12 both 0f97f2a1857a (Jul 26
2021) and ebb3327d09ce (Sep 14) build.

label $nr macro is works as expected for most of rules. But with the
example below $nr macro was expanded incorrectly. Outputs are below.

If you need, I can open a PR.

# ifconfig -g lo
lo0

Experiment #1: The right output should be "ruleNo:2", but system
expands as "ruleNo:257".

# cat pf.conf
pass quick on lo from lo:network to lo:network
block quick all label "ruleNo:$nr"

# pfctl -f pf.conf
# pfctl -sr -vvv
_at_0 pass quick on lo inet6 from ::1 to ::1 flags S/SA keep state
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Inserted: uid 0 pid 17691 State Creations: 0     ]
_at_1 pass quick on lo inet from 127.0.0.0/8 to 127.0.0.0/8 flags S/SA keep state
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Inserted: uid 0 pid 17691 State Creations: 0     ]
_at_2 block drop quick all label "ruleNo:257"
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Inserted: uid 0 pid 17691 State Creations: 0     ]

Experiment #2: The right output should be "ruleNo:2", but system
expands as "ruleNo:17".

# cat pf.conf
pass quick on lo from lo:network
block quick all label "ruleNo:$nr"

# pfctl -f pf.conf
# pfctl -sr -vvv
_at_0 pass quick on lo inet6 from ::1 to any flags S/SA keep state
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Inserted: uid 0 pid 8726 State Creations: 0     ]
_at_1 pass quick on lo inet from 127.0.0.0/8 to any flags S/SA keep state
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Inserted: uid 0 pid 8726 State Creations: 0     ]
_at_2 block drop quick all label "ruleNo:17"
  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
  [ Inserted: uid 0 pid 8726 State Creations: 0     ]

Regards
Ozkan
Received on Wed Sep 15 2021 - 07:43:54 UTC

Original text of this message