From nobody Fri Aug 11 12:13:30 2023 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4RMjPQ6rZnz4q19w; Fri, 11 Aug 2023 12:13:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4RMjPQ6Jrsz3gGH; Fri, 11 Aug 2023 12:13:30 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1691756010; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=bysG/6fz+gRoYrtVqiYL2r7Pt+vtTkc7tnfb1jqLGsc=; b=ZeAMqhCH2NJD10cmycSLEyY3lfUFf6tYXwlVeokFKN8XELU+vAL2uivucz5ruE3sA3BqUI 26MeYgLwo6XJEdZln4Bc0xqPneFkOtPv6n5++FghM5ZkF4ZPIcN0dSwIxNKJwMC7n7M3PF Hbzy674ISg2fS4FuFyHUtXHxiofKY3hJt+xZ23/Gso/qwqnC+rg3uZs/dFdwNyP5qEJTlI aOP3Jmzuu5jsRPvhPE0s99lbjQIdhYlE06T6W6suaZFIPaMzEqul6J5rdtdQfaYpfVRbp2 SUMLKRFFU+f2xuWvfBsJA7X6gzSK6Nv/IniKB250kYZU5DAfMLP7pa0rDF24Kw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1691756010; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=bysG/6fz+gRoYrtVqiYL2r7Pt+vtTkc7tnfb1jqLGsc=; b=ZzP2peruu+IvckN9fWYPOnfC8AeGMKuzPgX2rdXNb7Kkr/++auih9Uh5js9tHX8XD84UdT yGjZPE6GCz1TYmz58WyCWo9XIbc/QKVLgjPFED5H5s5siuRDl5OJvTYDzGoQa1z38rEeiX R87iii/+cnjaHJjO74w4vU4bcH1aMfaqJPDqXr1tOUgFEpQYXDIXHAWZ8VJtozdTdCLvvS xhYUN3mc6m0U07xaMbCTAnLDwSyf/4vHo/LbXaNgek6cOtYOOkrbhl5xf77A/Wvqt5P/Zk 0PET6is5oq3urhOCWw/F8CvDacyHqjWxP+J+u5v9B/CMoKO2dDDseZ0G3iYkPg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1691756010; a=rsa-sha256; cv=none; b=GBaCuTUESJ6hNKfMmgjKPbUuSoyuz51Uqk0d4+BESPLXvk8OEF0+3ccrLvDIJvOc4kfvLs je9LECDlQO/Ovt8FSLOcRujQhKgYVCTzQ7nKNrgK74IWUJPU5qiOMVUXc5nRlAo6/gI2fc HYE1Rxm4sPVMuf90CrwmF2V32wef9NhZ9wsTWihtLxGkAepDAWxwho3J+aOFEhPEqcJKVZ sZb7jDuE4ijqL6yiaPOzueeP9kFjdlS+VIpLDHWc9336CDyMpBI0JzvpwZ6bNI4Qxa88OI 87jAYP2WWLqEd5w7xreT6Zwzw9cf/TCIg/keHhfJOfzLraM62IsHNw4iw4xLSA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4RMjPQ5MXZzfJ7; Fri, 11 Aug 2023 12:13:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 37BCDUZF008459; Fri, 11 Aug 2023 12:13:30 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 37BCDUXx008456; Fri, 11 Aug 2023 12:13:30 GMT (envelope-from git) Date: Fri, 11 Aug 2023 12:13:30 GMT Message-Id: <202308111213.37BCDUXx008456@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 9b14d6c17355 - stable/13 - pfctl: SCTP can have port numbers List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 9b14d6c17355d0f516991cefd240bf51e8c26959 Auto-Submitted: auto-generated The branch stable/13 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=9b14d6c17355d0f516991cefd240bf51e8c26959 commit 9b14d6c17355d0f516991cefd240bf51e8c26959 Author: Kristof Provost AuthorDate: 2023-04-26 14:59:40 +0000 Commit: Kristof Provost CommitDate: 2023-08-11 12:13:09 +0000 pfctl: SCTP can have port numbers MFC after: 3 weeks Sponsored by: Orange Business Services Differential Revision: https://reviews.freebsd.org/D40861 (cherry picked from commit 0bd4a6837c4bc3dd6168c5679c21c58d41a6910e) --- sbin/pfctl/parse.y | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y index 043f8faee27b..1a7ce483ef7f 100644 --- a/sbin/pfctl/parse.y +++ b/sbin/pfctl/parse.y @@ -4797,8 +4797,9 @@ filter_consistent(struct pfctl_rule *r, int anchor_call) int problems = 0; if (r->proto != IPPROTO_TCP && r->proto != IPPROTO_UDP && + r->proto != IPPROTO_SCTP && (r->src.port_op || r->dst.port_op)) { - yyerror("port only applies to tcp/udp"); + yyerror("port only applies to tcp/udp/sctp"); problems++; } if (r->proto != IPPROTO_ICMP && r->proto != IPPROTO_ICMPV6 && @@ -4865,17 +4866,18 @@ rdr_consistent(struct pfctl_rule *r) { int problems = 0; - if (r->proto != IPPROTO_TCP && r->proto != IPPROTO_UDP) { + if (r->proto != IPPROTO_TCP && r->proto != IPPROTO_UDP && + r->proto != IPPROTO_SCTP) { if (r->src.port_op) { - yyerror("src port only applies to tcp/udp"); + yyerror("src port only applies to tcp/udp/sctp"); problems++; } if (r->dst.port_op) { - yyerror("dst port only applies to tcp/udp"); + yyerror("dst port only applies to tcp/udp/sctp"); problems++; } if (r->rpool.proxy_port[0]) { - yyerror("rpool port only applies to tcp/udp"); + yyerror("rpool port only applies to tcp/udp/sctp"); problems++; } } @@ -6350,6 +6352,8 @@ getservice(char *n) s = getservbyname(n, "tcp"); if (s == NULL) s = getservbyname(n, "udp"); + if (s == NULL) + s = getservbyname(n, "sctp"); if (s == NULL) { yyerror("unknown port %s", n); return (-1);