pfctl: Fix recursive printing of anchor labels

We recently noticed that the recursive printing of labels wasn't working like the recursive printing of rules. When running pfctl -sr -a* we get a listing of all rules, including the ones inside anchors. On the other hand, when running pfctl -sl -a*, it would only print the labels in the root level, just like without the -a* argument. As in our use-case we are interested on labels only and our labels are unique even between anchors, we didn't add indentation or hierarchy to the printing. Sponsored by: InnoGames GmbH Differential Revision: https://reviews.freebsd.org/D42728
2024-07-21 18:27:22 +00:00 · 2023-11-27 16:53:27 +01:00 · 2023-11-27 16:53:27 +01:00 · 0187875a6c
parent 44f323ecde
commit 0187875a6c
1 changed files with 8 additions and 0 deletions
--- a/sbin/pfctl/pfctl.c
+++ b/sbin/pfctl/pfctl.c
@ -1367,6 +1367,14 @@ pfctl_show_rules(int dev, char *path, int opts, enum pfctl_show format,
 				    (unsigned long long)rule.bytes[1],
 				    (uintmax_t)rule.states_tot);
 			}
+
+			if (anchor_call[0] &&
+			    (((p = strrchr(anchor_call, '/')) ?
+			      p[1] == '_' : anchor_call[0] == '_') ||
+			     opts & PF_OPT_RECURSE)) {
+				pfctl_show_rules(dev, npath, opts, format,
+				    anchor_call, depth, rule.anchor_wildcard);
+			}
 			break;
 		}
 		case PFCTL_SHOW_RULES: