Changeset View
Changeset View
Standalone View
Standalone View
sbin/pfctl/parse.y
Show First 20 Lines • Show All 1,034 Lines • ▼ Show 20 Lines | | BINATANCHOR string interface af proto fromto rtable { | ||||
yyerror("fromto parameter not supported" | yyerror("fromto parameter not supported" | ||||
" in binat-anchor"); | " in binat-anchor"); | ||||
YYERROR; | YYERROR; | ||||
} | } | ||||
decide_address_family($6.src.host, &r.af); | decide_address_family($6.src.host, &r.af); | ||||
decide_address_family($6.dst.host, &r.af); | decide_address_family($6.dst.host, &r.af); | ||||
pfctl_add_rule(pf, &r, $2); | pfctl_append_rule(pf, &r, $2); | ||||
free($2); | free($2); | ||||
} | } | ||||
; | ; | ||||
loadrule : LOAD ANCHOR string FROM string { | loadrule : LOAD ANCHOR string FROM string { | ||||
struct loadanchors *loadanchor; | struct loadanchors *loadanchor; | ||||
if (strlen(pf->anchor->name) + 1 + | if (strlen(pf->anchor->name) + 1 + | ||||
▲ Show 20 Lines • Show All 3,333 Lines • ▼ Show 20 Lines | binatrule : no BINAT natpasslog interface af proto FROM ipspec toipspec tag | ||||
pa->addr = $13->host->addr; | pa->addr = $13->host->addr; | ||||
pa->ifname[0] = 0; | pa->ifname[0] = 0; | ||||
TAILQ_INSERT_TAIL(&binat.rpool.list, | TAILQ_INSERT_TAIL(&binat.rpool.list, | ||||
pa, entries); | pa, entries); | ||||
free($13); | free($13); | ||||
} | } | ||||
pfctl_add_rule(pf, &binat, ""); | pfctl_append_rule(pf, &binat, ""); | ||||
} | } | ||||
; | ; | ||||
tag : /* empty */ { $$ = NULL; } | tag : /* empty */ { $$ = NULL; } | ||||
| TAG STRING { $$ = $2; } | | TAG STRING { $$ = $2; } | ||||
; | ; | ||||
tagged : /* empty */ { $$.neg = 0; $$.name = NULL; } | tagged : /* empty */ { $$.neg = 0; $$.name = NULL; } | ||||
▲ Show 20 Lines • Show All 1,000 Lines • ▼ Show 20 Lines | for (h = rpool_hosts; h != NULL; h = h->next) { | ||||
pa->ifname[0] = 0; | pa->ifname[0] = 0; | ||||
TAILQ_INSERT_TAIL(&r->rpool.list, pa, entries); | TAILQ_INSERT_TAIL(&r->rpool.list, pa, entries); | ||||
} | } | ||||
if (rule_consistent(r, anchor_call[0]) < 0 || error) | if (rule_consistent(r, anchor_call[0]) < 0 || error) | ||||
yyerror("skipping rule due to errors"); | yyerror("skipping rule due to errors"); | ||||
else { | else { | ||||
r->nr = pf->astack[pf->asd]->match++; | r->nr = pf->astack[pf->asd]->match++; | ||||
pfctl_add_rule(pf, r, anchor_call); | pfctl_append_rule(pf, r, anchor_call); | ||||
added++; | added++; | ||||
} | } | ||||
)))))))))); | )))))))))); | ||||
FREE_LIST(struct node_if, interfaces); | FREE_LIST(struct node_if, interfaces); | ||||
FREE_LIST(struct node_proto, protos); | FREE_LIST(struct node_proto, protos); | ||||
FREE_LIST(struct node_host, src_hosts); | FREE_LIST(struct node_host, src_hosts); | ||||
▲ Show 20 Lines • Show All 960 Lines • Show Last 20 Lines |