From owner-freebsd-bugs@FreeBSD.ORG Tue Nov 15 17:10:25 2005
Message-Id: <200511151708.jAFH8vLP080657@www.freebsd.org>
Date: Tue, 15 Nov 2005 17:08:57 GMT
From: Vladimir Kotal
To: freebsd-gnats-submit@FreeBSD.org
Subject: misc/89079: pfctl does not check interface name against list of known interfaces with () operator

>Number: 89079
>Category: misc
>Synopsis: pfctl does not check interface name against list of known interfaces with () operator
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Tue Nov 15 17:10:20 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: Vladimir Kotal
>Release: 5.4-RELEASE
>Organization:
>Environment:
FreeBSD worm 5.4-RELEASE FreeBSD 5.4-RELEASE #0: Sun May 8 10:21:06 UTC 2005 root@harlow.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386
>Description:
pfctl(8) does not check the interface name against the list of interfaces actually present.
>How-To-Repeat:
Insert the following line into a valid pf.conf file:

    pass out quick on $ext_if proto icmp from (XXX) to any keep state

where ext_if is the name of an arbitrary interface in the system, and load the config file via pfctl -f .

When loaded, pfctl -s Interfaces would present the list of valid interfaces along with the 'XXX' "interface".

The problem lies in pfctl_parser.c:ifa_exists() and in the following parse.y code:

    if (ifa_exists($2, 1) == NULL && strcmp($2, "self")) {
    #ifndef __FreeBSD__
            yyerror("interface %s does not exist", $2);
            free(op);
            YYERROR;
    #endif
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
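
A pre-load check for the missing validation described in the report, as an added example (not pfctl's code and not part of the original message): it scans one rule for `(ifname)` references that follow `from` or `to` and reports the first name absent from a caller-supplied interface list. The function names and the constructed `em0`/`lo0` list are assumptions; `self` is accepted as in the quoted parse.y test, and a `:network`-style modifier is dropped before the comparison.

```c
#include <stdio.h>
#include <string.h>

/* 1 if name is the pf keyword "self" or is in known[] (n entries). */
static int ifname_known(const char *name, const char *const *known, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (strcmp(name, known[i]) == 0)
            return 1;
    return strcmp(name, "self") == 0;
}
/* 1 if the word ending just before q (blanks skipped) is w. */
static int prev_word(const char *rule, const char *q, const char *w)
{
    size_t n = strlen(w);
    while (q > rule && (q[-1] == ' ' || q[-1] == '\t'))
        q--;
    return (size_t)(q - rule) >= n && strncmp(q - n, w, n) == 0 &&
        (q - n == rule || *(q - n - 1) == ' ' || *(q - n - 1) == '\t');
}
/* Copy the first unknown "(ifname)" after from/to into bad; 1 if found. */
int find_unknown_dynif(const char *rule, const char *const *known, size_t n,
    char *bad, size_t badlen)
{
    for (const char *p = rule; (p = strchr(p, '(')) != NULL; ) {
        const char *open = p++;
        if (!prev_word(rule, open, "from") && !prev_word(rule, open, "to"))
            continue;   /* e.g. "keep state (max 10)" is not an address */
        p += strspn(p, " \t");
        size_t len = strcspn(p, ": \t)");   /* drop ":network" modifiers */
        if (len >= badlen)
            len = badlen - 1;
        memcpy(bad, p, len);
        bad[len] = '\0';
        if (!ifname_known(bad, known, n))
            return 1;
    }
    bad[0] = '\0';
    return 0;
}
int main(void)
{
    const char *known[] = { "em0", "lo0" };  /* constructed interface list */
    char bad[16];
    if (find_unknown_dynif("pass out quick on $ext_if proto icmp "
        "from (XXX) to any keep state", known, 2, bad, sizeof(bad)))
        printf("interface %s does not exist\n", bad);
    return 0;
}
```

On a live system the `known` list would be filled from the interfaces actually present, for example with getifaddrs(3), before the ruleset is handed to pfctl.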