On 2012/03/06 10:20, Gabriel Linder wrote:
> On 03/05/12 21:10, Erik Lax wrote:
> >On 3/2/12 5:09 PM, Gabriel Linder wrote:
> >>Since 5.0 rules injected by relayd includes "on rdomain 0" and
> >>"prio 0", I guess that's not intended ?
> >I think you're right. And if so, the same problem seem to exist for
> >the ftp-proxy (filter.c) as well. I guess this is what happens when
> >default values aren't compatible with bzero :)
>
> Indeed :) Anything messing with anchors is probably concerned.
>
> I just saw that my MUA scrambled my previous diff by replacing tabs
> by spaces, here is a proper version
> http://dargor.servebeer.com/~dargor/openbsd/relayd/pfe_filter.c.diff
>
Seems OK to me but somebody who uses multiple rtables needs to check it
(and also for ftp-proxy where a similar diff is needed and it has some
multiple rtable support already).
Here it is for tftp-proxy which is single rtable. OK?
Index: filter.c
===================================================================
RCS file: /cvs/src/libexec/tftp-proxy/filter.c,v
retrieving revision 1.10
diff -u -p -r1.10 filter.c
--- filter.c 22 Jun 2011 08:40:14 -0000 1.10
+++ filter.c 6 Mar 2012 09:55:29 -0000
@@ -214,6 +214,9 @@ prepare_rule(u_int32_t id, struct sockad
}
pfr.rule.dst.port_op = PF_OP_EQ;
pfr.rule.dst.port[0] = htons(d_port);
+ pfr.rule.rtableid = -1;
+ pfr.rule.onrdomain = -1;
+ pfr.rule.prio[0] = pfr.rule.prio[1] = PF_PRIO_NOTSET;
pfr.rule.action = PF_PASS;
pfr.rule.quick = 1;
pfr.rule.log = rule_log;
