pfdenied: fix checking root anchor
pfctl doesn't like empty anchors (-a ''), but we can specify the root
anchor as '/' too, so do that instead.
PR: 295324
Tested by: Paweł Krawczyk
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
This commit is contained in:
@@ -41,7 +41,7 @@ rc=0
|
||||
if check_yesno_period security_status_pfdenied_enable
|
||||
then
|
||||
TMP=`mktemp -t security`
|
||||
for _a in "" $(pfctl -a "blacklistd" -sA 2>/dev/null) $(pfctl -a "blocklistd" -sA 2>/dev/null) ${security_status_pfdenied_additionalanchors}
|
||||
for _a in "/" $(pfctl -a "blacklistd" -sA 2>/dev/null) $(pfctl -a "blocklistd" -sA 2>/dev/null) ${security_status_pfdenied_additionalanchors}
|
||||
do
|
||||
pfctl -a "${_a}" -sr -v -z 2>/dev/null | \
|
||||
nawk '{if (/^block/) {buf=$0; getline; gsub(" +"," ",$0); if ($5 > 0) print buf$0;} }' >> ${TMP}
|
||||
|
||||
Reference in New Issue
Block a user