diff options
| author | Kristof Provost <kp@FreeBSD.org> | 2025-10-06 15:57:44 +0000 |
|---|---|---|
| committer | Kristof Provost <kp@FreeBSD.org> | 2025-10-06 21:35:30 +0000 |
| commit | b476593519e98c11752a207e7cb121fba5c1961b (patch) | |
| tree | 0f2b752a644307c2a4d0a8c868bbc1a9b4a00f9d | |
| parent | 8fecb09bc58ea39833b57c88637036124d71e0ce (diff) | |
pfctl: check if the anchor exists before we attempt to flush anything from it
PR: 289994
Sponsored by: Rubicon Communications, LLC ("Netgate")
| -rw-r--r-- | sbin/pfctl/pfctl.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/sbin/pfctl/pfctl.c b/sbin/pfctl/pfctl.c index 998148f5e75f..ed317495c2e0 100644 --- a/sbin/pfctl/pfctl.c +++ b/sbin/pfctl/pfctl.c @@ -3585,6 +3585,12 @@ main(int argc, char *argv[]) } if (clearopt != NULL) { + int mnr; + + /* Check if anchor exists. */ + if ((pfctl_get_rulesets(pfh, anchorname, &mnr)) == ENOENT) + errx(1, "No such anchor %s", anchorname); + switch (*clearopt) { case 'e': pfctl_flush_eth_rules(dev, opts, anchorname); |