diff options
| author | Kristof Provost <kp@FreeBSD.org> | 2021-10-08 13:13:21 +0000 |
|---|---|---|
| committer | Kristof Provost <kp@FreeBSD.org> | 2021-10-22 07:34:18 +0000 |
| commit | 56dc7a08bff8e0d8edde89ab9fecc3c6a7e375e4 (patch) | |
| tree | 727ce1b4df53634dfa3afcf2810a00f09832fa17 | |
| parent | 00ff2b29a9ba563b6b2f324c0c9378ea286e17df (diff) | |
| download | src-56dc7a08bff8e0d8edde89ab9fecc3c6a7e375e4.tar.gz src-56dc7a08bff8e0d8edde89ab9fecc3c6a7e375e4.zip | |
pf: do not copy anchor_wildcard / anchor_relative from userspace
We overwrite these fields again in pf_kanchor_setup() anyway.
MFC after: 2 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
(cherry picked from commit 1c680e620bf7e53d043d10b23bdfc980e45e6455)
| -rw-r--r-- | sys/netpfil/pf/pf_ioctl.c | 2 | ||||
| -rw-r--r-- | sys/netpfil/pf/pf_nv.c | 2 |
2 files changed, 0 insertions, 4 deletions
diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c index 7a8d0cdda836..7b68110b0f99 100644 --- a/sys/netpfil/pf/pf_ioctl.c +++ b/sys/netpfil/pf/pf_ioctl.c @@ -1823,8 +1823,6 @@ pf_rule_to_krule(const struct pf_rule *rule, struct pf_krule *krule) krule->return_ttl = rule->return_ttl; krule->tos = rule->tos; krule->set_tos = rule->set_tos; - krule->anchor_relative = rule->anchor_relative; - krule->anchor_wildcard = rule->anchor_wildcard; krule->flush = rule->flush; krule->prio = rule->prio; diff --git a/sys/netpfil/pf/pf_nv.c b/sys/netpfil/pf/pf_nv.c index 5eda6b3917f4..d53c6fe4b84e 100644 --- a/sys/netpfil/pf/pf_nv.c +++ b/sys/netpfil/pf/pf_nv.c @@ -603,8 +603,6 @@ pf_nvrule_to_krule(const nvlist_t *nvl, struct pf_krule *rule) PFNV_CHK(pf_nvuint8(nvl, "return_ttl", &rule->return_ttl)); PFNV_CHK(pf_nvuint8(nvl, "tos", &rule->tos)); PFNV_CHK(pf_nvuint8(nvl, "set_tos", &rule->set_tos)); - PFNV_CHK(pf_nvuint8(nvl, "anchor_relative", &rule->anchor_relative)); - PFNV_CHK(pf_nvuint8(nvl, "anchor_wildcard", &rule->anchor_wildcard)); PFNV_CHK(pf_nvuint8(nvl, "flush", &rule->flush)); PFNV_CHK(pf_nvuint8(nvl, "prio", &rule->prio)); |