diff options
| author | Kristof Provost <kp@FreeBSD.org> | 2025-02-11 10:06:53 +0000 |
|---|---|---|
| committer | Kristof Provost <kp@FreeBSD.org> | 2025-02-14 17:47:52 +0000 |
| commit | a2614574f2459ef56013061a185880f90e035ce4 (patch) | |
| tree | 53af89814acd628cd1ef789b0438da20c4fe05d0 /sbin | |
| parent | d2bb19883f780ea17a794787d6b67e75059b085e (diff) | |
pfctl: if_item can be "any" now
Allows things like:
block out on $someif received-on any
to prevent packets to get forwarded to $someif.
Obtained from: OpenBSD, henning <henning@openbsd.org>, 5984d04852
Sponsored by: Rubicon Communications, LLC ("Netgate")
Diffstat (limited to 'sbin')
| -rw-r--r-- | sbin/pfctl/parse.y | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y index 981039f4124c..b370cbc463ae 100644 --- a/sbin/pfctl/parse.y +++ b/sbin/pfctl/parse.y @@ -3379,6 +3379,15 @@ if_item : STRING { $$->next = NULL; $$->tail = $$; } + | ANY { + $$ = calloc(1, sizeof(struct node_if)); + if ($$ == NULL) + err(1, "if_item: calloc"); + strlcpy($$->ifname, "any", sizeof($$->ifname)); + $$->not = 0; + $$->next = NULL; + $$->tail = $$; + } ; af : /* empty */ { $$ = 0; } |