system/freebsd-src
system/freebsd-src
1
0
Fork 0
mirror of https://github.com/freebsd/freebsd-src synced 2024-07-22 02:37:15 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

pfctl: SCTP can have port numbers

Browse source 
MFC after:	3 weeks
Sponsored by:	Orange Business Services
Differential Revision:	https://reviews.freebsd.org/D40861
This commit is contained in:
Kristof Provost 2023-04-26 16:59:40 +02:00
parent 61e22e9b29
commit 0bd4a6837c
1 changed files with 9 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
sbin/pfctl/parse.y
View file

@ -5274,8 +5274,9 @@ filter_consistent(struct pfctl_rule *r, int anchor_call)
int problems = 0;
if (r->proto != IPPROTO_TCP && r->proto != IPPROTO_UDP &&
r->proto != IPPROTO_SCTP &&
(r->src.port_op || r->dst.port_op)) {
yyerror("port only applies to tcp/udp");
yyerror("port only applies to tcp/udp/sctp");
problems++;
}
if (r->proto != IPPROTO_ICMP && r->proto != IPPROTO_ICMPV6 &&
@ -5354,17 +5355,18 @@ rdr_consistent(struct pfctl_rule *r)
{
int problems = 0;
if (r->proto != IPPROTO_TCP && r->proto != IPPROTO_UDP) {
if (r->proto != IPPROTO_TCP && r->proto != IPPROTO_UDP &&
r->proto != IPPROTO_SCTP) {
if (r->src.port_op) {
yyerror("src port only applies to tcp/udp");
yyerror("src port only applies to tcp/udp/sctp");
problems++;
}
if (r->dst.port_op) {
yyerror("dst port only applies to tcp/udp");
yyerror("dst port only applies to tcp/udp/sctp");
problems++;
}
if (r->rpool.proxy_port[0]) {
yyerror("rpool port only applies to tcp/udp");
yyerror("rpool port only applies to tcp/udp/sctp");
problems++;
}
}
@ -6936,6 +6938,8 @@ getservice(char *n)
s = getservbyname(n, "tcp");
if (s == NULL)
s = getservbyname(n, "udp");
if (s == NULL)
s = getservbyname(n, "sctp");
if (s == NULL) {
yyerror("unknown port %s", n);
return (-1);