pfctl: fix FOM_ICMP/POM_STICKYADDRESS clash

pass inet proto icmp icmp-type {unreach} pass route-to (if0 127.0.0.1/8) sticky-address inet The wrong struct was being tested. The parser tries to prevent "sticky-address sticky-address" syntax but was actually cross-rule enforcing that ICMP filter cannot be before the use of "sticky-address" in next rule. MFC after: 2 weeks Reviewed by: kp Differential Revision: https://reviews.freebsd.org/D36050
2022-08-06 10:59:56 +02:00 · 2022-08-06 10:59:56 +02:00 · 1e73fbd8b2
commit 1e73fbd8b2
parent 93dd3adac7
1 changed files with 1 additions and 1 deletions
--- a/sbin/pfctl/parse.y
+++ b/sbin/pfctl/parse.y
@ -4466,7 +4466,7 @@ pool_opt	: BITMASK	{
 			pool_opts.staticport = 1;
 		}
 		| STICKYADDRESS	{
-			if (filter_opts.marker & POM_STICKYADDRESS) {
+			if (pool_opts.marker & POM_STICKYADDRESS) {
 				yyerror("sticky-address cannot be redefined");
 				YYERROR;
 			}