git: a8a95277363b - main - pfctl: Allow a semicolon (;) as a comment
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 25 Jul 2024 13:10:35 UTC
The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=a8a95277363be2c92b3c06bd9cd1a32d1c6c6ecd commit a8a95277363be2c92b3c06bd9cd1a32d1c6c6ecd Author: Juraj Lutter <otis@FreeBSD.org> AuthorDate: 2024-07-25 08:07:50 +0000 Commit: Kristof Provost <kp@FreeBSD.org> CommitDate: 2024-07-25 13:06:24 +0000 pfctl: Allow a semicolon (;) as a comment To make parsing of, for example, Spamhaus' drop.txt and similar files that contains semicolons as comments, allow them also in file-based tables. Reviewed by: kp MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D46088 --- sbin/pfctl/pfctl.8 | 4 +++- sbin/pfctl/pfctl_radix.c | 4 ++-- sbin/pfctl/tests/files/pf1020.in | 3 +++ sbin/pfctl/tests/files/pf1020.include | 4 ++++ sbin/pfctl/tests/files/pf1020.ok | 2 ++ sbin/pfctl/tests/pfctl_test_list.inc | 1 + 6 files changed, 15 insertions(+), 3 deletions(-) diff --git a/sbin/pfctl/pfctl.8 b/sbin/pfctl/pfctl.8 index 6c9a9f3b2ca4..80fdc394a568 100644 --- a/sbin/pfctl/pfctl.8 +++ b/sbin/pfctl/pfctl.8 @@ -24,7 +24,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd October 20, 2023 +.Dd July 23, 2024 .Dt PFCTL 8 .Os .Sh NAME @@ -531,6 +531,8 @@ line and/or in an unformatted text file, using the flag. Comments starting with a .Sq # +or +.Sq \; are allowed in the text file. With these commands, the .Fl v diff --git a/sbin/pfctl/pfctl_radix.c b/sbin/pfctl/pfctl_radix.c index b1180b40dfee..cfe982a84e95 100644 --- a/sbin/pfctl/pfctl_radix.c +++ b/sbin/pfctl/pfctl_radix.c @@ -534,8 +534,8 @@ pfr_next_token(char buf[BUF_SIZE], FILE *fp) /* skip spaces */ while (isspace(next_ch) && !feof(fp)) next_ch = fgetc(fp); - /* remove from '#' until end of line */ - if (next_ch == '#') + /* remove from '#' or ';' until end of line */ + if (next_ch == '#' || next_ch == ';') while (!feof(fp)) { next_ch = fgetc(fp); if (next_ch == '\n') diff --git a/sbin/pfctl/tests/files/pf1020.in b/sbin/pfctl/tests/files/pf1020.in new file mode 100644 index 000000000000..7f98df69bd04 --- /dev/null +++ b/sbin/pfctl/tests/files/pf1020.in @@ -0,0 +1,3 @@ +table <tabl1> file "./pf1020.include" + +block from <tabl1> diff --git a/sbin/pfctl/tests/files/pf1020.include b/sbin/pfctl/tests/files/pf1020.include new file mode 100644 index 000000000000..3fca07f64bfa --- /dev/null +++ b/sbin/pfctl/tests/files/pf1020.include @@ -0,0 +1,4 @@ +; comment1 +# comment2 +1.0.0.1/32 ; comment1 +2.0.0.2/32 # comment2 diff --git a/sbin/pfctl/tests/files/pf1020.ok b/sbin/pfctl/tests/files/pf1020.ok new file mode 100644 index 000000000000..16073b3d6987 --- /dev/null +++ b/sbin/pfctl/tests/files/pf1020.ok @@ -0,0 +1,2 @@ +table <tabl1> file "./pf1020.include" +block drop from <tabl1> to any diff --git a/sbin/pfctl/tests/pfctl_test_list.inc b/sbin/pfctl/tests/pfctl_test_list.inc index 2dcee80b6e93..5d1717200759 100644 --- a/sbin/pfctl/tests/pfctl_test_list.inc +++ b/sbin/pfctl/tests/pfctl_test_list.inc @@ -128,3 +128,4 @@ PFCTL_TEST(1016, "Ethernet rule with ridentifier and one label") PFCTL_TEST(1017, "Ethernet rule with ridentifier and several labels") PFCTL_TEST(1018, "Test dynamic address mask") PFCTL_TEST(1019, "Test pflow option") +PFCTL_TEST(1020, "Test hashmark and semicolon comment")