diff options
| author | Kristof Provost <kp@FreeBSD.org> | 2023-08-29 15:00:44 +0000 |
|---|---|---|
| committer | Kristof Provost <kp@FreeBSD.org> | 2023-09-07 19:23:06 +0000 |
| commit | c34ca43649db9f6d73a55a4e6c7fad832f7b4383 (patch) | |
| tree | 4ada4d4d44b7f2bf1761a7ec1e4f9a7bef4f246b | |
| parent | 27968aa02206baf85314305116fd63d55a3bebf4 (diff) | |
| download | src-c34ca43649db9f6d73a55a4e6c7fad832f7b4383.tar.gz src-c34ca43649db9f6d73a55a4e6c7fad832f7b4383.zip | |
pf (t)ftp-proxy: use libpfctl instead of DIOCGETSTATUS
Prefer libpfctl functions over direct access to the ioctl whenever
possible. This will allow subsequent removal of DIOCGETSTATUS (in 15) as
there already is an nvlist-based alternative.
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D41647
(cherry picked from commit ddd08375c85576b49fb9a34968ba2c2f4f8d56cf)
| -rw-r--r-- | contrib/pf/ftp-proxy/filter.c | 9 | ||||
| -rw-r--r-- | contrib/pf/tftp-proxy/filter.c | 9 |
2 files changed, 12 insertions, 6 deletions
diff --git a/contrib/pf/ftp-proxy/filter.c b/contrib/pf/ftp-proxy/filter.c index e4787985e99f..4277e079f3be 100644 --- a/contrib/pf/ftp-proxy/filter.c +++ b/contrib/pf/ftp-proxy/filter.c @@ -169,7 +169,7 @@ do_rollback(void) void init_filter(const char *opt_qname, const char *opt_tagname, int opt_verbose) { - struct pf_status status; + struct pfctl_status *status; qname = opt_qname; tagname = opt_tagname; @@ -182,10 +182,13 @@ init_filter(const char *opt_qname, const char *opt_tagname, int opt_verbose) dev = open("/dev/pf", O_RDWR); if (dev == -1) err(1, "open /dev/pf"); - if (ioctl(dev, DIOCGETSTATUS, &status) == -1) + status = pfctl_get_status(dev); + if (status == NULL) err(1, "DIOCGETSTATUS"); - if (!status.running) + if (!status->running) errx(1, "pf is disabled"); + + pfctl_free_status(status); } int diff --git a/contrib/pf/tftp-proxy/filter.c b/contrib/pf/tftp-proxy/filter.c index 1689d3465fd3..966628464d28 100644 --- a/contrib/pf/tftp-proxy/filter.c +++ b/contrib/pf/tftp-proxy/filter.c @@ -173,7 +173,7 @@ do_rollback(void) void init_filter(char *opt_qname, int opt_verbose) { - struct pf_status status; + struct pfctl_status *status; qname = opt_qname; @@ -187,14 +187,17 @@ init_filter(char *opt_qname, int opt_verbose) syslog(LOG_ERR, "can't open /dev/pf"); exit(1); } - if (ioctl(dev, DIOCGETSTATUS, &status) == -1) { + status = pfctl_get_status(dev); + if (status == NULL) { syslog(LOG_ERR, "DIOCGETSTATUS"); exit(1); } - if (!status.running) { + if (!status->running) { syslog(LOG_ERR, "pf is disabled"); exit(1); } + + pfctl_free_status(status); } int |