d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

pfctl: always print 'l3' source/destination

Browse Source 
While the kernel only performs the L3 check for
ETHERTYPE_IP/ETHERTYPE_IP6 we should always print the source and
destination addresses.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D34918
This commit is contained in:
Kristof Provost 2022-04-12 13:29:56 +02:00
parent 812839e5aa
commit a16732d670
1 changed files with 4 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
sbin/pfctl/pfctl_parser.c
View File

@ -783,12 +783,10 @@ print_eth_rule(struct pfctl_eth_rule *r, const char *anchor_call,
printf(" to ");
print_eth_addr(&r->dst);
}
if (r->proto == ETHERTYPE_IP || r->proto == ETHERTYPE_IPV6) {
printf(" l3");
print_fromto(&r->ipsrc, PF_OSFP_ANY, &r->ipdst,
r->proto == ETHERTYPE_IP ? AF_INET : AF_INET6, 0,
0, 0);
}
printf(" l3");
print_fromto(&r->ipsrc, PF_OSFP_ANY, &r->ipdst,
r->proto == ETHERTYPE_IP ? AF_INET : AF_INET6, 0,
0, 0);
if (r->qname[0])
printf(" queue %s", r->qname);
if (r->tagname[0])