Date: Thu, 17 Mar 2022 18:02:46 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 262622] [pf][patch] fix showing rules in (some) nested anchors Message-ID: <bug-262622-227-eLOjrkcbSn@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-262622-227@https.bugs.freebsd.org/bugzilla/> References: <bug-262622-227@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D262622 --- Comment #8 from Matteo Riondato <matteo@FreeBSD.org> --- To give you an idea of what would be necessary, but not sufficient, to solve the issue in bug #262590, you need something like the following patch (to be applied on top of the patch you posted in #5 This patch solves a subset of the issue outlined in bug #262590, in that at least now rules directly inside an anchor included in pf.conf with "anchor myanchor/*" are printed (but nested anchors are still not printed). To solve the real issue there, one likely needs to get the DIOCGETRULESETS ioctl involved, IMHO. diff -u pfctl.c pfctl.c.mine --- pfctl.c 2022-03-17 13:57:58.290678000 -0400 +++ pfctl.c.mine 2022-03-17 13:57:11.836505000 -0400 @@ -1251,10 +1251,20 @@ *(--p) =3D=3D '/')) || (opts & PF_OPT_RECURSE)))= { brace++; if ((p =3D strrchr(anchor_call, '/')) !=3D - NULL) + NULL && path[0] && + strnstr(anchor_call, path, p - anchor_call)) p++; - else + else { + int aclen =3D strlen(anchor_call); + if (anchor_call[aclen - 1] =3D=3D '= *') { + int idx =3D aclen - 2; + if (! (idx >=3D 0 && + anchor_call[idx] =3D=3D = '/')) + idx =3D 0; + anchor_call[idx] =3D '\0'; + } p =3D &anchor_call[0]; + } } else p =3D &anchor_call[0]; --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-262622-227-eLOjrkcbSn>