cff1b3389b
fix a bug in the input sanity check of DIOCCHANGERULE (not used by pfctl, but third-party tools). a rule must have a non-empty replacement address list when it's a translation rule but not an anchor call (i.e. "nat ... ->" needs a replacement address, but "nat-anchor ..." doesn't). the check confused "rule is an anchor call" with "rule is defined within an anchor". report from Michal Mertl, Max Laier. Obtained from: OpenBSD MFC after: 2 weeks |
||
---|---|---|
.. | ||
if_pflog.c | ||
if_pflog.h | ||
if_pfsync.c | ||
if_pfsync.h | ||
pf_if.c | ||
pf_ioctl.c | ||
pf_norm.c | ||
pf_osfp.c | ||
pf_subr.c | ||
pf_table.c | ||
pf.c | ||
pfvar.h |