Use pfctl_fopen (which checks to ensure the given file isn't a directory)
authorsthen <sthen@openbsd.org>
Thu, 2 Nov 2023 20:47:31 +0000 (20:47 +0000)
committersthen <sthen@openbsd.org>
Thu, 2 Nov 2023 20:47:31 +0000 (20:47 +0000)
commit2f4809884632ab0edb533ab9efb40ef71d5dbe71
treea470d391cc8549e0f3cb543e32010a0c31403a85
parent8b16e24e23efce5bdb87c4baa5b9615c4c6a001f
Use pfctl_fopen (which checks to ensure the given file isn't a directory)
for pfctl -f /path/to/pf.conf. Otherwise, if you accidentally use a dir
instead of a file (e.g. if you have an /etc/pf directory and don't notice
the name when tab-completing), you successfully install an empty ruleset.
ok sashan@
sbin/pfctl/parse.y