diff options
| author | Kristof Provost <kp@FreeBSD.org> | 2021-03-10 10:10:04 +0000 |
|---|---|---|
| committer | Kristof Provost <kp@FreeBSD.org> | 2021-03-19 22:38:33 +0000 |
| commit | 0fd2e729f8c69e25ec8e7951db3fa671f3ee4809 (patch) | |
| tree | 700048c90ed5185b7b03c836b429480e0ca98018 | |
| parent | 0cb6fa6acc93231242ef40e77518a9016ef4076a (diff) | |
| download | src-0fd2e729f8c69e25ec8e7951db3fa671f3ee4809.tar.gz src-0fd2e729f8c69e25ec8e7951db3fa671f3ee4809.zip | |
pf: Factor out pf_krule_free()
Reviewed by: melifaro@
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D29194
(cherry picked from commit 5e9dae8e149ae8848f52148b665f3a0d031ca40f)
| -rw-r--r-- | sys/net/pfvar.h | 2 | ||||
| -rw-r--r-- | sys/netpfil/pf/pf_ioctl.c | 50 |
2 files changed, 23 insertions, 29 deletions
diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h index 9c8c642a6ace..d2928994613c 100644 --- a/sys/net/pfvar.h +++ b/sys/net/pfvar.h @@ -1639,6 +1639,8 @@ void pf_remove_if_empty_kruleset(struct pf_kruleset *); struct pf_kruleset *pf_find_kruleset(const char *); struct pf_kruleset *pf_find_or_create_kruleset(const char *); void pf_rs_initialize(void); + +void pf_krule_free(struct pf_krule *); #endif /* The fingerprint functions can be linked into userland programs (tcpdump) */ diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c index c32a961f5a0b..5f9eb771d0e0 100644 --- a/sys/netpfil/pf/pf_ioctl.c +++ b/sys/netpfil/pf/pf_ioctl.c @@ -466,15 +466,8 @@ pf_free_rule(struct pf_krule *rule) pfi_kkif_unref(rule->kif); pf_kanchor_remove(rule); pf_empty_kpool(&rule->rpool.list); - counter_u64_free(rule->evaluations); - for (int i = 0; i < 2; i++) { - counter_u64_free(rule->packets[i]); - counter_u64_free(rule->bytes[i]); - } - counter_u64_free(rule->states_cur); - counter_u64_free(rule->states_tot); - counter_u64_free(rule->src_nodes); - free(rule, M_PFRULE); + + pf_krule_free(rule); } static void @@ -1435,6 +1428,23 @@ pf_altq_get_nth_active(u_int32_t n) } #endif /* ALTQ */ +void +pf_krule_free(struct pf_krule *rule) +{ + if (rule == NULL) + return; + + counter_u64_free(rule->evaluations); + for (int i = 0; i < 2; i++) { + counter_u64_free(rule->packets[i]); + counter_u64_free(rule->bytes[i]); + } + counter_u64_free(rule->states_cur); + counter_u64_free(rule->states_tot); + counter_u64_free(rule->src_nodes); + free(rule, M_PFRULE); +} + static void pf_kpooladdr_to_pooladdr(const struct pf_kpooladdr *kpool, struct pf_pooladdr *pool) @@ -1990,15 +2000,7 @@ pfioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flags, struct thread *td #undef ERROUT DIOCADDRULE_error: PF_RULES_WUNLOCK(); - counter_u64_free(rule->evaluations); - for (int i = 0; i < 2; i++) { - counter_u64_free(rule->packets[i]); - counter_u64_free(rule->bytes[i]); - } - counter_u64_free(rule->states_cur); - counter_u64_free(rule->states_tot); - counter_u64_free(rule->src_nodes); - free(rule, M_PFRULE); + pf_krule_free(rule); if (kif) pf_kkif_free(kif); break; @@ -2297,17 +2299,7 @@ DIOCADDRULE_error: #undef ERROUT DIOCCHANGERULE_error: PF_RULES_WUNLOCK(); - if (newrule != NULL) { - counter_u64_free(newrule->evaluations); - for (int i = 0; i < 2; i++) { - counter_u64_free(newrule->packets[i]); - counter_u64_free(newrule->bytes[i]); - } - counter_u64_free(newrule->states_cur); - counter_u64_free(newrule->states_tot); - counter_u64_free(newrule->src_nodes); - free(newrule, M_PFRULE); - } + pf_krule_free(newrule); if (kif != NULL) pf_kkif_free(kif); break; |