On 2008-08-31, Martin Gignac <[EMAIL PROTECTED]> wrote:
> 1. Why do pftop and systat report rule #4 as a kind of "pass all" rule
> when it's actually an 'anchor "ftp-proxy/*" all' rule? Is this normal
> and expected?
looks like this isn't implemented yet.
> 2. Is it a bug for systat to report the direction of rule #4 as "In"
> while pftop reports it as "Any"? I'm assuming the difference indicates
> a bug in either one of the programs.
this diff fixes systat.
Index: usr.bin/systat/pftop.c
===================================================================
RCS file: /data/cvsroot/open/anoncvs/cvs/src/usr.bin/systat/pftop.c,v
retrieving revision 1.4
diff -u -p -r1.4 pftop.c
--- usr.bin/systat/pftop.c 16 Jul 2008 10:23:39 -0000 1.4
+++ usr.bin/systat/pftop.c 1 Sep 2008 14:16:48 -0000
@@ -1281,7 +1281,13 @@ print_rule(struct pf_rule *pr)
print_fld_size(FLD_BYTES, pr->bytes[0] + pr->bytes[1]);
print_fld_uint(FLD_RULE, pr->nr);
- print_fld_str(FLD_DIR, pr->direction == PF_OUT ? "Out" : "In");
+ if (pr->direction == PF_OUT)
+ print_fld_str(FLD_DIR, "Out");
+ else if (pr->direction == PF_IN)
+ print_fld_str(FLD_DIR, "In");
+ else
+ print_fld_str(FLD_DIR, "Any");
+
if (pr->quick)
print_fld_str(FLD_QUICK, "Quick");
