]> git.ipfire.org Git - thirdparty/openvpn.git/commitdiff
projects / thirdparty / openvpn.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 233105d)
Handle non standard subnets in PF grammar
authorchantra <chantra@debuntu.org>
Fri, 11 Jun 2010 14:23:03 +0000 (16:23 +0200)
committerDavid Sommerseth <dazo@users.sourceforge.net>
Thu, 21 Oct 2010 09:40:36 +0000 (11:40 +0200)
Allow subnets for like 192.168.100.8/28 to be understood.  A warning
will be logged when subnet is incorrect and is being corrected to what
is assumed to be correct.

Signed-off-by: chantra <chantra@debuntu.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
pf.c patch | blob | blame | history

diff --git a/pf.c b/pf.c
index 3ce2ef24bdbb6b0a0cba6eff84f0ae1f9060ff81..aed836edc1ff6f82dc0d668af886263a6ff0dc65 100644 (file)
--- a/pf.c
+++ b/pf.c
@@ -109,6 +109,11 @@ add_subnet (const char *line, const char *prefix, const int line_num, struct pf_
          return false;
        }
       netmask = netbits_to_netmask (netbits);
+      if ((network.s_addr & htonl (netmask)) != network.s_addr)
+        {
+          network.s_addr &= htonl (netmask);
+          msg (M_WARN, "WARNING: PF: %s/%d: incorrect subnet %s/%d changed to %s/%d", prefix, line_num, line, netbits, inet_ntoa (network), netbits);
+        }
     }
   else
     {
Mirror of https://github.com/OpenVPN/openvpn.git