Hi,
I've applied the patch on 6.2 and it fixes the problem.
# pfctl -ef /etc/pf.conf
pf enabled
# pfctl -a /uno/due -t foo -T show
10.0.0.1
# pfctl -a /uno/due -s r
pass from <foo> to any flags S/SA
#
Thank You
Leo
On Tue, Nov 14, 2017 at 11:07:31AM +0100, Alexandr Nedvedicky wrote:
> Hello Leo,
>
> this looks like my bad, which goes back to commit [1], which tried to fix 'mix
> up of anchor names and anchor paths'. I've completely forgot to take care of
> pfctl/parse.y back then. Please let me know if patch below solves your
> problem.
> thank you for great troubleshooting and excellent test case.
>
> sorry for any inconveniences
> regards
> sasha
>
> [1]
> https://github.com/openbsd/src/commit/3bf93159c5f63841415c20c3b4c861fd39edaf82#diff-0ad00dde5326b7d2b54b5c11cef40842
>
> --------8<---------------8<---------------8<------------------8<--------
> diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y
> index c170e60d2a0..b56ed47ff8b 100644
> --- a/sbin/pfctl/parse.y
> +++ b/sbin/pfctl/parse.y
> @@ -4133,7 +4133,7 @@ process_tabledef(char *name, struct table_opts *opts,
> int popts)
> &opts->init_nodes);
> if (!(pf->opts & PF_OPT_NOACTION) &&
> pfctl_define_table(name, opts->flags, opts->init_addr,
> - pf->anchor->name, &ab, pf->anchor->ruleset.tticket)) {
> + pf->anchor->path, &ab, pf->anchor->ruleset.tticket)) {
> yyerror("cannot define table %s: %s", name,
> pfr_strerror(errno));
> goto _error;
>
