pf: Make ':0' ignore link-local v6 addresses too

When users mark an interface to not use aliases they likely also don't want to use the link-local v6 address there. PR: 201695 Submitted by: Russell Yount <Russell.Yount AT gmail.com> Differential Revision: https://reviews.freebsd.org/D17633
author: Kristof Provost <kp@FreeBSD.org> 2018-10-28 05:32:50 +0000
committer: Kristof Provost <kp@FreeBSD.org> 2018-10-28 05:32:50 +0000
commit: 99eb00558a73186924b3dce77c96687bb0cb6b48 (patch)
tree: 3a51fb2ed9db60af9c7ce826aea85ffd495bc229 /sbin/pfctl/pfctl_parser.c
parent: f64bccc6d92b6e45d8d2765f89a64f4ffc27496c (diff)
download: src-test2-99eb00558a73186924b3dce77c96687bb0cb6b48.tar.gz
src-test2-99eb00558a73186924b3dce77c96687bb0cb6b48.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/sbin/pfctl/pfctl_parser.c b/sbin/pfctl/pfctl_parser.c
index d3ac9506ac35..9fbfe7cbdb7b 100644
--- a/sbin/pfctl/pfctl_parser.c
+++ b/sbin/pfctl/pfctl_parser.c
@@ -1366,6 +1366,9 @@ ifa_lookup(const char *ifa_name, int flags)
 		last_if = p->ifname;
 		if ((flags & PFI_AFLAG_NOALIAS) && p->af == AF_INET && got4)
 			continue;
+		if ((flags & PFI_AFLAG_NOALIAS) && p->af == AF_INET6 &&
+		    IN6_IS_ADDR_LINKLOCAL(&p->addr.v.a.addr.v6))
+			continue;
 		if ((flags & PFI_AFLAG_NOALIAS) && p->af == AF_INET6 && got6)
 			continue;
 		if (p->af == AF_INET)
author	Kristof Provost <kp@FreeBSD.org>	2018-10-28 05:32:50 +0000
committer	Kristof Provost <kp@FreeBSD.org>	2018-10-28 05:32:50 +0000
commit	99eb00558a73186924b3dce77c96687bb0cb6b48 (patch)
tree	3a51fb2ed9db60af9c7ce826aea85ffd495bc229 /sbin/pfctl/pfctl_parser.c
parent	f64bccc6d92b6e45d8d2765f89a64f4ffc27496c (diff)
download	src-test2-99eb00558a73186924b3dce77c96687bb0cb6b48.tar.gz src-test2-99eb00558a73186924b3dce77c96687bb0cb6b48.zip