Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 7 Jul 2025 15:07:54 GMT
From:      Kristof Provost <kp@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject:   git: 9d74a1b5d6cf - main - pfctl: Make -N and -r mutually exclusive
Message-ID:  <202507071507.567F7s2f016583@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch main has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=9d74a1b5d6cfde02d27786c59ccafafdf6d6fe63

commit 9d74a1b5d6cfde02d27786c59ccafafdf6d6fe63
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2025-07-02 09:43:43 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2025-07-07 15:06:49 +0000

    pfctl: Make -N and -r mutually exclusive
    
    Either disable DNS or enable additional reverse lookups, but not both.
    
    OK benno
    
    Obtained from:  OpenBSD, kn <kn@openbsd.org>, b294e41e93
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
---
 sbin/pfctl/pfctl.8 | 6 +++++-
 sbin/pfctl/pfctl.c | 3 +++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/sbin/pfctl/pfctl.8 b/sbin/pfctl/pfctl.8
index 85294dda949f..0c4a7b519bf6 100644
--- a/sbin/pfctl/pfctl.8
+++ b/sbin/pfctl/pfctl.8
@@ -24,7 +24,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd July 1, 2025
+.Dd July 2, 2025
 .Dt PFCTL 8
 .Os
 .Sh NAME
@@ -402,6 +402,10 @@ Load only the filter rules present in the rule file.
 Other rules and options are ignored.
 .It Fl r
 Perform reverse DNS lookups on states and tables when displaying them.
+.Fl N
+and
+.Fl r
+are mutually exclusive.
 .It Fl s Ar modifier
 Show the filter parameters specified by
 .Ar modifier
diff --git a/sbin/pfctl/pfctl.c b/sbin/pfctl/pfctl.c
index 10183084ceec..d3614f5f7c59 100644
--- a/sbin/pfctl/pfctl.c
+++ b/sbin/pfctl/pfctl.c
@@ -3156,6 +3156,9 @@ main(int argc, char *argv[])
 		}
 	}
 
+	if ((opts & PF_OPT_NODNS) && (opts & PF_OPT_USEDNS))
+		errx(1, "-N and -r are mutually exclusive");
+
 	if (tblcmdopt == NULL ^ tableopt == NULL)
 		usage();

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202507071507.567F7s2f016583>