summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--nest/config.Y4
-rw-r--r--nest/iface.c18
2 files changed, 15 insertions, 7 deletions
diff --git a/nest/config.Y b/nest/config.Y
index 792012e..7bb0525 100644
--- a/nest/config.Y
+++ b/nest/config.Y
@@ -181,8 +181,8 @@ iface_patt_node_init:
iface_patt_node_body:
TEXT { this_ipn->pattern = $1; this_ipn->prefix = IPA_NONE; this_ipn->pxlen = 0; }
- | prefix { this_ipn->pattern = NULL; this_ipn->prefix = $1.addr; this_ipn->pxlen = $1.len; }
- | TEXT prefix { this_ipn->pattern = $1; this_ipn->prefix = $2.addr; this_ipn->pxlen = $2.len; }
+ | prefix_or_ipa { this_ipn->pattern = NULL; this_ipn->prefix = $1.addr; this_ipn->pxlen = $1.len; }
+ | TEXT prefix_or_ipa { this_ipn->pattern = $1; this_ipn->prefix = $2.addr; this_ipn->pxlen = $2.len; }
;
iface_negate:
diff --git a/nest/iface.c b/nest/iface.c
index a80e973..4d0cf04 100644
--- a/nest/iface.c
+++ b/nest/iface.c
@@ -588,12 +588,20 @@ iface_patt_match(struct iface_patt *ifp, struct iface *i, struct ifa *a)
continue;
}
- // FIXME there should be check for prefix in prefix. (?)
- if (p->pxlen)
- if (!a || !ipa_in_net(a->ip, p->prefix, p->pxlen))
- continue;
+ if (p->pxlen == 0)
+ return pos;
- return pos;
+ if (!a)
+ continue;
+
+ if (ipa_in_net(a->ip, p->prefix, p->pxlen))
+ return pos;
+
+ if ((a->flags & IA_UNNUMBERED) &&
+ ipa_in_net(a->opposite, p->prefix, p->pxlen))
+ return pos;
+
+ continue;
}
return 0;