diff options
| author |   mcbride <mcbride@openbsd.org> | 2006-10-06 17:04:53 +0000 |
|---|---|---|
| committer | mcbride <mcbride@openbsd.org> | 2006-10-06 17:04:53 +0000 |
| commit | bd9b24fa549eb8811098cd0e93777b4fe46164fa (patch) | |
| tree | da8449a58e13467c0b74a19c50a18c0d77e31255 | |
| parent | 'no state' should only be printed on pass rules, though. (diff) | |
| download | wireguard-openbsd-bd9b24fa549eb8811098cd0e93777b4fe46164fa.tar.xz wireguard-openbsd-bd9b24fa549eb8811098cd0e93777b4fe46164fa.zip | |
Print 'flags any' correctly and handle anchors.
| -rw-r--r-- | sbin/pfctl/pfctl_parser.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/sbin/pfctl/pfctl_parser.c b/sbin/pfctl/pfctl_parser.c index 7e8d4e2844a..a6eb255858c 100644 --- a/sbin/pfctl/pfctl_parser.c +++ b/sbin/pfctl/pfctl_parser.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfctl_parser.c,v 1.229 2006/10/06 16:42:03 mcbride Exp $ */ +/* $OpenBSD: pfctl_parser.c,v 1.230 2006/10/06 17:04:53 mcbride Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -793,7 +793,11 @@ print_rule(struct pf_rule *r, const char *anchor_call, int verbose) print_flags(r->flags); printf("/"); print_flags(r->flagset); - } + } else if (r->action == PF_PASS && + (!r->proto || r->proto == IPPROTO_TCP) && + !(r->rule_flag & PFRULE_FRAGMENT) && + !anchor_call[0]) + printf(" flags any"); if (r->type) { const struct icmptypeent *it; @@ -818,7 +822,7 @@ print_rule(struct pf_rule *r, const char *anchor_call, int verbose) } if (r->tos) printf(" tos 0x%2.2x", r->tos); - if (!r->keep_state && r->action == PF_PASS) + if (!r->keep_state && r->action == PF_PASS && !anchor_call[0]) printf(" no state"); else if (r->keep_state == PF_STATE_NORMAL) printf(" keep state"); |