From 58bc4d4e58d0a9c9e3d80a4d9c1e2ad49fa6de6e Mon Sep 17 00:00:00 2001 From: christos Date: Mon, 11 Mar 2013 00:09:07 +0000 Subject: [PATCH] handle port "ftp-data" --- usr.sbin/npf/npfctl/npf_parse.y | 3 ++- usr.sbin/npf/npfctl/todo | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/usr.sbin/npf/npfctl/npf_parse.y b/usr.sbin/npf/npfctl/npf_parse.y index 3c8264459d4d..c657c02f2137 100644 --- a/usr.sbin/npf/npfctl/npf_parse.y +++ b/usr.sbin/npf/npfctl/npf_parse.y @@ -1,4 +1,4 @@ -/* $NetBSD: npf_parse.y,v 1.19 2013/03/10 23:11:26 christos Exp $ */ +/* $NetBSD: npf_parse.y,v 1.20 2013/03/11 00:09:07 christos Exp $ */ /*- * Copyright (c) 2011-2012 The NetBSD Foundation, Inc. @@ -677,6 +677,7 @@ port_range port : NUM { $$ = $1; } | IDENTIFIER { $$ = npfctl_portno($1); } + | STRING { $$ = npfctl_portno($1); } ; icmp_type_and_code diff --git a/usr.sbin/npf/npfctl/todo b/usr.sbin/npf/npfctl/todo index c71952c40c87..51deaa2ad5ce 100644 --- a/usr.sbin/npf/npfctl/todo +++ b/usr.sbin/npf/npfctl/todo @@ -1,4 +1,3 @@ --- parse "port ftp-data" properly -- how to convert other packet filters to npf -- have a way to use npflog to log packets to syslog -- have a way to match dropped packets to rules @@ -21,3 +20,4 @@ ok modules should move from /usr/lib to /lib ok parse dynamic map rule properly inet4($ext_if) does not work ok create npflog interface automatically ok need to bring interface npflog up +ok parse 'port "ftp-data"' properly