pf: fixup match rules
Ensure that we can set and print match rules in ethernet rules. Sponsored by: Rubicon Communications, LLC ("Netgate")
This commit is contained in:
parent
81cac0d2f6
commit
d27c9f5bc3
@ -744,7 +744,8 @@ void
|
|||||||
print_eth_rule(struct pfctl_eth_rule *r, const char *anchor_call,
|
print_eth_rule(struct pfctl_eth_rule *r, const char *anchor_call,
|
||||||
int rule_numbers)
|
int rule_numbers)
|
||||||
{
|
{
|
||||||
static const char *actiontypes[] = { "pass", "block" };
|
static const char *actiontypes[] = { "pass", "block", "", "", "", "",
|
||||||
|
"", "", "", "", "", "", "match" };
|
||||||
|
|
||||||
if (rule_numbers)
|
if (rule_numbers)
|
||||||
printf("@%u ", r->nr);
|
printf("@%u ", r->nr);
|
||||||
|
@ -1170,7 +1170,8 @@ pf_nveth_rule_to_keth_rule(const nvlist_t *nvl,
|
|||||||
|
|
||||||
PFNV_CHK(pf_nvuint8(nvl, "action", &krule->action));
|
PFNV_CHK(pf_nvuint8(nvl, "action", &krule->action));
|
||||||
|
|
||||||
if (krule->action != PF_PASS && krule->action != PF_DROP)
|
if (krule->action != PF_PASS && krule->action != PF_DROP &&
|
||||||
|
krule->action != PF_MATCH)
|
||||||
return (EBADMSG);
|
return (EBADMSG);
|
||||||
|
|
||||||
errout:
|
errout:
|
||||||
|
Loading…
Reference in New Issue
Block a user