summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorchantra <chantra@debuntu.org>2010-06-11 16:23:03 +0200
committerDavid Sommerseth <dazo@users.sourceforge.net>2010-06-11 16:23:03 +0200
commita881843bf2101e77d15cb88105684288655055cb (patch)
tree32d183af71179ce382ef2658fff62fecb350b5ac
parente0ca5fdf8f54c3c264fcb1ddaf0adbde212d858a (diff)
downloadopenvpn-a881843bf2101e77d15cb88105684288655055cb.tar.gz
openvpn-a881843bf2101e77d15cb88105684288655055cb.tar.xz
openvpn-a881843bf2101e77d15cb88105684288655055cb.zip
Handle non standard subnets in PF grammar
Allow subnets for like 192.168.100.8/28 to be understood. A warning will be logged when subnet is incorrect and is being corrected to what is assumed to be correct. Signed-off-by: chantra <chantra@debuntu.org> Acked-by: Gert Doering <gert@greenie.muc.de> Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
Diffstat
-rw-r--r--pf.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/pf.c b/pf.c
index 3ce2ef2..aed836e 100644
--- a/pf.c
+++ b/pf.c
@@ -109,6 +109,11 @@ add_subnet (const char *line, const char *prefix, const int line_num, struct pf_
return false;
}
netmask = netbits_to_netmask (netbits);
+ if ((network.s_addr & htonl (netmask)) != network.s_addr)
+ {
+ network.s_addr &= htonl (netmask);
+ msg (M_WARN, "WARNING: PF: %s/%d: incorrect subnet %s/%d changed to %s/%d", prefix, line_num, line, netbits, inet_ntoa (network), netbits);
+ }
}
else
{
generated by cgit (git 2.34.1) at 2024-05-02 02:52:57 +0000