diff options
| author | Max Laier <mlaier@FreeBSD.org> | 2008-12-10 21:08:42 +0000 |
|---|---|---|
| committer | Max Laier <mlaier@FreeBSD.org> | 2008-12-10 21:08:42 +0000 |
| commit | 89a3159080a774bd9de50eaf1861a1f0c1657a9f (patch) | |
| tree | c096fbed43e7e27c693d9c76d395f03a6c790ac2 /pfctl/pfctl_parser.c | |
| parent | a13f3058fbd67e3bbda784171bacc8343faf6edf (diff) | |
Import OPENBSD_4_4_BASE and libevent 1.3evendor/pf/4.4
Notes
Notes:
svn path=/vendor/pf/dist/; revision=185882
svn path=/vendor/pf/4.4/; revision=185883; tag=vendor/pf/4.4
Diffstat (limited to 'pfctl/pfctl_parser.c')
| -rw-r--r-- | pfctl/pfctl_parser.c | 30 |
1 files changed, 29 insertions, 1 deletions
diff --git a/pfctl/pfctl_parser.c b/pfctl/pfctl_parser.c index e88306b30f4b..7368dbe7d3c4 100644 --- a/pfctl/pfctl_parser.c +++ b/pfctl/pfctl_parser.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfctl_parser.c,v 1.235 2007/10/15 02:16:35 deraadt Exp $ */ +/* $OpenBSD: pfctl_parser.c,v 1.240 2008/06/10 20:55:02 mcbride Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -860,6 +860,8 @@ print_rule(struct pf_rule *r, const char *anchor_call, int verbose) opts = 1; if (r->rule_flag & PFRULE_IFBOUND) opts = 1; + if (r->rule_flag & PFRULE_STATESLOPPY) + opts = 1; for (i = 0; !opts && i < PFTM_MAX; ++i) if (r->timeout[i]) opts = 1; @@ -926,6 +928,12 @@ print_rule(struct pf_rule *r, const char *anchor_call, int verbose) printf("if-bound"); opts = 0; } + if (r->rule_flag & PFRULE_STATESLOPPY) { + if (!opts) + printf(", "); + printf("sloppy"); + opts = 0; + } for (i = 0; i < PFTM_MAX; ++i) if (r->timeout[i]) { int j; @@ -953,6 +961,8 @@ print_rule(struct pf_rule *r, const char *anchor_call, int verbose) printf(" min-ttl %d", r->min_ttl); if (r->max_mss) printf(" max-mss %d", r->max_mss); + if (r->rule_flag & PFRULE_SET_TOS) + printf(" set-tos 0x%2.2x", r->set_tos); if (r->allow_opts) printf(" allow-opts"); if (r->action == PF_SCRUB) { @@ -981,6 +991,22 @@ print_rule(struct pf_rule *r, const char *anchor_call, int verbose) } if (r->rtableid != -1) printf(" rtable %u", r->rtableid); + if (r->divert.port) { + if (PF_AZERO(&r->divert.addr, r->af)) { + printf(" divert-reply"); + } else { + /* XXX cut&paste from print_addr */ + char buf[48]; + + printf(" divert-to "); + if (inet_ntop(r->af, &r->divert.addr, buf, + sizeof(buf)) == NULL) + printf("?"); + else + printf("%s", buf); + printf(" port %u", ntohs(r->divert.port)); + } + } if (!anchor_call[0] && (r->action == PF_NAT || r->action == PF_BINAT || r->action == PF_RDR)) { printf(" -> "); @@ -1001,6 +1027,8 @@ print_tabledef(const char *name, int flags, int addrs, printf(" const"); if (flags & PFR_TFLAG_PERSIST) printf(" persist"); + if (flags & PFR_TFLAG_COUNTERS) + printf(" counters"); SIMPLEQ_FOREACH(ti, nodes, entries) { if (ti->file) { printf(" file \"%s\"", ti->file); |