diff options
| author | Kristof Provost <kp@FreeBSD.org> | 2021-07-01 15:16:10 +0000 |
|---|---|---|
| committer | Kristof Provost <kp@FreeBSD.org> | 2021-07-08 06:49:56 +0000 |
| commit | d442d97b7632628ac3cf3e591ddbd8b872c14818 (patch) | |
| tree | 8d0faf4b7b20f422aa9eba6c7d16b6e86ce8967a | |
| parent | aae1a783dd444060f9a9ed9cf0fbb0c3ba7c6800 (diff) | |
| download | src-d442d97b7632628ac3cf3e591ddbd8b872c14818.tar.gz src-d442d97b7632628ac3cf3e591ddbd8b872c14818.zip | |
ftp-proxy: Revert incorrect migration to libpfctl
libpfctl supports creating rules, but not (yet) adding addresses to a
pool. Adding addresses certainly does not work through adding a rule.
PR: 256917
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
(cherry picked from commit 8923ea6c867fd75b08b76883ec122c429a4018f9)
| -rw-r--r-- | contrib/pf/ftp-proxy/filter.c | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/contrib/pf/ftp-proxy/filter.c b/contrib/pf/ftp-proxy/filter.c index dad6324808bc..e4787985e99f 100644 --- a/contrib/pf/ftp-proxy/filter.c +++ b/contrib/pf/ftp-proxy/filter.c @@ -103,8 +103,7 @@ add_nat(u_int32_t id, struct sockaddr *src, struct sockaddr *dst, &satosin6(nat)->sin6_addr.s6_addr, 16); memset(&pfp.addr.addr.v.a.mask.addr8, 255, 16); } - if (pfctl_add_rule(dev, &pfrule, pfanchor, pfanchor_call, - pfticket, pfpool_ticket)) + if (ioctl(dev, DIOCADDADDR, &pfp) == -1) return (-1); pfrule.rpool.proxy_port[0] = nat_range_low; @@ -138,8 +137,7 @@ add_rdr(u_int32_t id, struct sockaddr *src, struct sockaddr *dst, &satosin6(rdr)->sin6_addr.s6_addr, 16); memset(&pfp.addr.addr.v.a.mask.addr8, 255, 16); } - if (pfctl_add_rule(dev, &pfrule, pfanchor, pfanchor_call, - pfticket, pfpool_ticket)) + if (ioctl(dev, DIOCADDADDR, &pfp) == -1) return (-1); pfrule.rpool.proxy_port[0] = rdr_port; |