diff options
author | Kristof Provost <kp@FreeBSD.org> | 2025-01-07 14:15:15 +0000 |
---|---|---|
committer | Kristof Provost <kp@FreeBSD.org> | 2025-01-14 08:54:18 +0000 |
commit | 0d68985b0170f704ee45dfb6c209cc852870d2c2 (patch) | |
tree | 695f249d9fc262201ca75aa229ff1c652fcf0d6b | |
parent | f88019e8a35c05b61b5722e4b98cd7b5cca167f7 (diff) |
pfctl: unbreak rule optimizer
ok henning, looks
Obtained from: OpenBSD, mikeb <mikeb@openbsd.org>, 4a16887b1b
Sponsored by: Rubicon Communications, LLC ("Netgate")
-rw-r--r-- | sbin/pfctl/parse.y | 2 | ||||
-rw-r--r-- | sbin/pfctl/pfctl_optimize.c | 1 |
2 files changed, 2 insertions, 1 deletions
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y index 3c34b0237895..ff2e2d2c93b7 100644 --- a/sbin/pfctl/parse.y +++ b/sbin/pfctl/parse.y @@ -6179,7 +6179,7 @@ expand_rule(struct pfctl_rule *r, LOOP_THROUGH(struct node_uid, uid, uids, LOOP_THROUGH(struct node_gid, gid, gids, - r->naf = r->af = af; + r->af = af; if (r->rule_flag & PFRULE_AFTO) { assert(nat != NULL); diff --git a/sbin/pfctl/pfctl_optimize.c b/sbin/pfctl/pfctl_optimize.c index 9858f38b8671..a688fe484128 100644 --- a/sbin/pfctl/pfctl_optimize.c +++ b/sbin/pfctl/pfctl_optimize.c @@ -172,6 +172,7 @@ static struct pf_rule_field { PF_RULE_FIELD(dst.port_op, NOMERGE), PF_RULE_FIELD(src.neg, NOMERGE), PF_RULE_FIELD(dst.neg, NOMERGE), + PF_RULE_FIELD(af, NOMERGE), /* These fields can be merged */ PF_RULE_FIELD(src.addr, COMBINED), |