CVSROOT: /cvs
Module name: src
Changes by: k...@cvs.openbsd.org 2019/01/10 20:09:24
Modified files:
sbin/pfctl : pfctl.c
Log message:
Defuse `-F all -i interface'
Flushing all filter parameters does not make sense on one specific
interface only as already noted. However, the main ruleset as well as
all tables were still cleared on such invalid usage.
Furthermore, an empty interface name was treated like no interface at
all, hence source tracking entries, statistics and interface flags were
cleared also.
Immediately error out if `-i' is given regardless of its argument before
flushing anything.
OK sashan
