From owner-freebsd-pf@freebsd.org  Sun Jul 31 20:46:49 2016
Return-Path: <owner-freebsd-pf@freebsd.org>
Delivered-To: freebsd-pf@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 33800BA895D
 for <freebsd-pf@mailman.ysv.freebsd.org>; Sun, 31 Jul 2016 20:46:49 +0000 (UTC)
 (envelope-from kp@FreeBSD.org)
Received: from venus.codepro.be (venus.codepro.be [IPv6:2a01:4f8:162:1127::2])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
 bits))
 (Client CN "*.codepro.be", Issuer "Gandi Standard SSL CA 2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id F31AA14C0
 for <freebsd-pf@freebsd.org>; Sun, 31 Jul 2016 20:46:48 +0000 (UTC)
 (envelope-from kp@FreeBSD.org)
Received: from [10.0.2.164] (unknown
 [IPv6:2a02:1811:2419:4e02:6912:cf17:38bf:c5ab])
 (Authenticated sender: kp)
 by venus.codepro.be (Postfix) with ESMTPSA id D41E2CF43;
 Sun, 31 Jul 2016 22:46:45 +0200 (CEST)
From: "Kristof Provost" <kp@FreeBSD.org>
To: "Radek =?utf-8?q?Krej=C4=8Da?=" <radek.krejca@starnet.cz>
Cc: "freebsd-pf@freebsd.org" <freebsd-pf@freebsd.org>
Subject: Re: How to set tos to 0
Date: Sun, 31 Jul 2016 22:46:45 +0200
Message-ID: <19EA8000-0945-40D0-8A9E-D33E5397D8CC@FreeBSD.org>
In-Reply-To: <AAA772390F662049B3046CA8C662C08506A4BC5E@EXCHANGE.mail.starnet.cz>
References: <AAA772390F662049B3046CA8C662C08506A4BC5E@EXCHANGE.mail.starnet.cz>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Mailer: MailMate (2.0BETAr6042)
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
 \(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf/>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 31 Jul 2016 20:46:49 -0000

On 31 Jul 2016, at 19:46, Radek Krejča wrote:
> I need to set TOS to 0 and remark it with rules.
>
> I am trying to use scrub to set tos to 0, but I have problem:
>
> scrub all fragment reassemble no-df set-tos 0
>
> give Illegal value
>
> but scrub all fragment reassemble no-df set-tos 1
> is working.
>
> I am trying 0x00, 0x0 and still the same.
>
> How can I set TOS to 0?
>
I think you may have found a bug.

Can you give this patch a try?

diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y
index e0cfa3d..980976e 100644
--- a/sbin/pfctl/parse.y
+++ b/sbin/pfctl/parse.y
@@ -3593,8 +3593,8 @@ tos       : STRING                        {
                         else if ($1[0] == '0' && $1[1] == 'x')
                                 $$ = strtoul($1, NULL, 16);
                         else
-                               $$ = 0;         /* flag bad argument */
-                       if (!$$ || $$ > 255) {
+                               $$ = 256;               /* flag bad 
argument */
+                       if ($$ < 0 || $$ > 255) {
                                 yyerror("illegal tos value %s", $1);
                                 free($1);
                                 YYERROR;
@@ -3603,7 +3603,7 @@ tos       : STRING                        {
                 }
                 | NUMBER                        {
                         $$ = $1;
-                       if (!$$ || $$ > 255) {
+                       if ($$ < 0 || $$ > 255) {
                                 yyerror("illegal tos value %s", $1);
                                 YYERROR;
                         }

Regards,
Kristof