pfctl -sr did not show divert-reply rules without address family

correctly. A zero address field is used to identify divert-reply rules. If the rule's address family is unspecified, PF_AZERO() always returns false. So use AF_INET6 as address family, to check all bits of the address. ok markus@
author: bluhm <bluhm@openbsd.org> 2010-10-12 17:45:06 +0000
committer: bluhm <bluhm@openbsd.org> 2010-10-12 17:45:06 +0000
commit: fd27dbfff7fd223ba5e9d347494e6301a5698af3 (patch)
tree: 9264f7a9c7e5b931417fde2c688d077110d3e8dd
parent: If the input length was specified, use it to set the stdio buffer (diff)
download: wireguard-openbsd-fd27dbfff7fd223ba5e9d347494e6301a5698af3.tar.xz
wireguard-openbsd-fd27dbfff7fd223ba5e9d347494e6301a5698af3.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/sbin/pfctl/pfctl_parser.c b/sbin/pfctl/pfctl_parser.c
index 91b7e2d7d85..aadac9241f6 100644
--- a/sbin/pfctl/pfctl_parser.c
+++ b/sbin/pfctl/pfctl_parser.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pfctl_parser.c,v 1.271 2010/09/22 06:02:59 henning Exp $ */
+/*	$OpenBSD: pfctl_parser.c,v 1.272 2010/10/12 17:45:06 bluhm Exp $ */
 
 /*
  * Copyright (c) 2001 Daniel Hartmeier
@@ -1022,7 +1022,7 @@ print_rule(struct pf_rule *r, const char *anchor_call, int verbose)
 	if (r->rtableid != -1)
 		printf(" rtable %u", r->rtableid);
 	if (r->divert.port) {
-		if (PF_AZERO(&r->divert.addr, r->af)) {
+		if (PF_AZERO(&r->divert.addr, AF_INET6)) {
 			printf(" divert-reply");
 		} else {
 			/* XXX cut&paste from print_addr */
author	bluhm <bluhm@openbsd.org>	2010-10-12 17:45:06 +0000
committer	bluhm <bluhm@openbsd.org>	2010-10-12 17:45:06 +0000
commit	fd27dbfff7fd223ba5e9d347494e6301a5698af3 (patch)
tree	9264f7a9c7e5b931417fde2c688d077110d3e8dd
parent	If the input length was specified, use it to set the stdio buffer (diff)
download	wireguard-openbsd-fd27dbfff7fd223ba5e9d347494e6301a5698af3.tar.xz wireguard-openbsd-fd27dbfff7fd223ba5e9d347494e6301a5698af3.zip