From: James Quick
To: pf4freebsd@freelists.org
Subject: [pf4freebsd] Patch for :broadcast expansion.
Date: Thu, 16 Sep 2004 03:53:02 -0000
X-Original-Date: Wed, 1 Oct 2003 18:51:38 -0400

The expansion of ifname:broadcast is not useful on systems such as jail hosts which have multiple addresses on the same network aliased to the interface, since in that case the broadcast macro expands to not only the broadcast address but also the addresses of each of the aliased host addresses. This patch to pfctl excludes addresses with /32 netmasks when expanding the :broadcast macro.

Index: pfctl/pfctl_parser.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file:=20 /home/cvsadmin/repository/freebsd/localmods/pf/pfctl/pfctl_parser.c,v retrieving revision 1.1.1.1 diff -r1.1.1.1 pfctl_parser.c 991c991,992 < if (mode =3D=3D PFCTL_IFLOOKUP_BCAST && p->af !=3D AF_INET) --- > if (mode =3D=3D PFCTL_IFLOOKUP_BCAST && > (p->af !=3D AF_INET || unmask(&p->addr.v.a.mask, p->af) =3D=3D 3= 2))
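
Review bot: the added test in the replacement for line 991 keys on prefix length, not on whether the address is an alias, so it only covers aliases that were configured with a /32 netmask. An alias added with the network's real mask is still expanded, and a primary IPv4 address that legitimately carries a /32 mask is now dropped from ifname:broadcast. If every IPv4 address on the interface is /32 the expansion comes back empty, so it is worth checking how the caller treats an empty result before rules that reference the macro are loaded. A short comment above the condition saying why 32 is skipped would help, since the bare constant does not explain itself. The patch also arrived quoted-printable encoded (=3D stands for =, and the final "3= 2" is the constant 32 split by a soft line break) and in context-free normal diff format; resending it as a unified diff in an attachment would make it apply cleanly.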