From owner-svn-src-stable-11@freebsd.org Thu Jan 30 09:56:58 2020 Return-Path: Delivered-To: svn-src-stable-11@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 047DE23398F; Thu, 30 Jan 2020 09:56:58 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 487bNn6CDcz3Qb8; Thu, 30 Jan 2020 09:56:57 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id CEC66232D2; Thu, 30 Jan 2020 09:56:57 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 00U9uv7h045247; Thu, 30 Jan 2020 09:56:57 GMT (envelope-from kp@FreeBSD.org) Received: (from kp@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 00U9uvTW045246; Thu, 30 Jan 2020 09:56:57 GMT (envelope-from kp@FreeBSD.org) Message-Id: <202001300956.00U9uvTW045246@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: kp set sender to kp@FreeBSD.org using -f From: Kristof Provost Date: Thu, 30 Jan 2020 09:56:57 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r357290 - stable/11/etc/periodic/security X-SVN-Group: stable-11 X-SVN-Commit-Author: kp X-SVN-Commit-Paths: stable/11/etc/periodic/security X-SVN-Commit-Revision: 357290 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-11@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for only the 11-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Jan 2020 09:56:58 -0000 Author: kp Date: Thu Jan 30 09:56:57 2020 New Revision: 357290 URL: https://svnweb.freebsd.org/changeset/base/357290 Log: MFC r356816: Fix pfdenied not returning any results When _a is empty we end up with an invalid invocation of pfctl, and no output. We must add quotes to make it clear to pfctl that we're passing an empty anchor name. PR: 224415 Submitted by: sigsys AT gmail.com Modified: stable/11/etc/periodic/security/520.pfdenied Directory Properties: stable/11/ (props changed) Modified: stable/11/etc/periodic/security/520.pfdenied ============================================================================== --- stable/11/etc/periodic/security/520.pfdenied Thu Jan 30 09:56:56 2020 (r357289) +++ stable/11/etc/periodic/security/520.pfdenied Thu Jan 30 09:56:57 2020 (r357290) @@ -46,7 +46,7 @@ then TMP=`mktemp -t security` for _a in "" $(pfctl -a "blacklistd" -sA 2>/dev/null) do - pfctl -a ${_a} -sr -v -z 2>/dev/null | \ + pfctl -a "${_a}" -sr -v -z 2>/dev/null | \ nawk '{if (/^block/) {buf=$0; getline; gsub(" +"," ",$0); if ($5 > 0) print buf$0;} }' >> ${TMP} done if [ -s ${TMP} ]; then