ipfilter: Adjust userland returns to conform to style(9)

Adjust ipfilter's userland return statements to conform to style(9).

MFC after:	1 month

6 files changed, 113 insertions, 96 deletions

diff --git a/sbin/ipf/ipf/bpf_filter.c b/sbin/ipf/ipf/bpf_filter.c
index 85a38a88bf57..32d144b492ce 100644
--- a/sbin/ipf/ipf/bpf_filter.c
+++ b/sbin/ipf/ipf/bpf_filter.c
@@ -111,7 +111,7 @@ static int m_xhalf(mb_t *, int, int *);
 		(_k) -= len; \
 		(_m) = (_m)->m_next; \
 		if ((_m) == 0) \
-			return 0; \
+			return(0); \
 		len = M_LEN(m); \
 	} \
 }
@@ -129,7 +129,7 @@ m_xword(m, k, err)
 	cp = MTOD(m, u_char *) + k;
 	if (len - k >= 4) {
 		*err = 0;
-		return EXTRACT_LONG(cp);
+		return(EXTRACT_LONG(cp));
 	}
 	m0 = m->m_next;
 	if (m0 == NULL || M_LEN(m0) + len - k < 4)
@@ -139,17 +139,17 @@ m_xword(m, k, err)
 	switch (len - k) {
 
 	case 1:
-		return (cp[0] << 24) | (np[0] << 16) | (np[1] << 8) | np[2];
+		return(cp[0] << 24) | (np[0] << 16) | (np[1] << 8) | np[2];
 
 	case 2:
-		return (cp[0] << 24) | (cp[1] << 16) | (np[0] << 8) | np[1];
+		return(cp[0] << 24) | (cp[1] << 16) | (np[0] << 8) | np[1];
 
 	default:
-		return (cp[0] << 24) | (cp[1] << 16) | (cp[2] << 8) | np[0];
+		return(cp[0] << 24) | (cp[1] << 16) | (cp[2] << 8) | np[0];
 	}
     bad:
 	*err = 1;
-	return 0;
+	return(0);
 }
 
 static int
@@ -165,16 +165,16 @@ m_xhalf(m, k, err)
 	cp = MTOD(m, u_char *) + k;
 	if (len - k >= 2) {
 		*err = 0;
-		return EXTRACT_SHORT(cp);
+		return(EXTRACT_SHORT(cp));
 	}
 	m0 = m->m_next;
 	if (m0 == NULL)
 		goto bad;
 	*err = 0;
-	return (cp[0] << 8) | MTOD(m0, u_char *)[0];
+	return(cp[0] << 8) | MTOD(m0, u_char *)[0];
  bad:
 	*err = 1;
-	return 0;
+	return(0);
 }
 
 /*
@@ -209,7 +209,7 @@ bpf_filter(pc, p, wirelen, buflen)
 		/*
 		 * No filter means accept all.
 		 */
-		return (u_int)-1;
+		return(u_int)-1;
 	A = 0;
 	X = 0;
 	--pc;
@@ -218,21 +218,21 @@ bpf_filter(pc, p, wirelen, buflen)
 		switch (pc->code) {
 
 		default:
-			return 0;
+			return(0);
 		case BPF_RET|BPF_K:
-			return (u_int)pc->k;
+			return(u_int)pc->k;
 
 		case BPF_RET|BPF_A:
-			return (u_int)A;
+			return(u_int)A;
 
 		case BPF_LD|BPF_W|BPF_ABS:
 			k = pc->k;
 			if (k + sizeof(int32) > buflen) {
 				if (m == NULL)
-					return 0;
+					return(0);
 				A = m_xword(m, k, &merr);
 				if (merr != 0)
-					return 0;
+					return(0);
 				continue;
 			}
 			A = EXTRACT_LONG(&p[k]);
@@ -242,10 +242,10 @@ bpf_filter(pc, p, wirelen, buflen)
 			k = pc->k;
 			if (k + sizeof(short) > buflen) {
 				if (m == NULL)
-					return 0;
+					return(0);
 				A = m_xhalf(m, k, &merr);
 				if (merr != 0)
-					return 0;
+					return(0);
 				continue;
 			}
 			A = EXTRACT_SHORT(&p[k]);
@@ -255,7 +255,7 @@ bpf_filter(pc, p, wirelen, buflen)
 			k = pc->k;
 			if (k >= buflen) {
 				if (m == NULL)
-					return 0;
+					return(0);
 				n = m;
 				MINDEX(len, n, k);
 				A = MTOD(n, u_char *)[k];
@@ -276,10 +276,10 @@ bpf_filter(pc, p, wirelen, buflen)
 			k = X + pc->k;
 			if (k + sizeof(int32) > buflen) {
 				if (m == NULL)
-					return 0;
+					return(0);
 				A = m_xword(m, k, &merr);
 				if (merr != 0)
-					return 0;
+					return(0);
 				continue;
 			}
 			A = EXTRACT_LONG(&p[k]);
@@ -289,10 +289,10 @@ bpf_filter(pc, p, wirelen, buflen)
 			k = X + pc->k;
 			if (k + sizeof(short) > buflen) {
 				if (m == NULL)
-					return 0;
+					return(0);
 				A = m_xhalf(m, k, &merr);
 				if (merr != 0)
-					return 0;
+					return(0);
 				continue;
 			}
 			A = EXTRACT_SHORT(&p[k]);
@@ -302,7 +302,7 @@ bpf_filter(pc, p, wirelen, buflen)
 			k = X + pc->k;
 			if (k >= buflen) {
 				if (m == NULL)
-					return 0;
+					return(0);
 				n = m;
 				MINDEX(len, n, k);
 				A = MTOD(n, u_char *)[k];
@@ -315,7 +315,7 @@ bpf_filter(pc, p, wirelen, buflen)
 			k = pc->k;
 			if (k >= buflen) {
 				if (m == NULL)
-					return 0;
+					return(0);
 				n = m;
 				MINDEX(len, n, k);
 				X = (MTOD(n, char *)[k] & 0xf) << 2;
@@ -398,7 +398,7 @@ bpf_filter(pc, p, wirelen, buflen)
 
 		case BPF_ALU|BPF_DIV|BPF_X:
 			if (X == 0)
-				return 0;
+				return(0);
 			A /= X;
 			continue;
 
@@ -486,10 +486,10 @@ bpf_validate(f, len)
 	const struct bpf_insn *p;
 
 	if (len == 0)
-		return 1;
+		return(1);
 
 	if (len < 1 || len > BPF_MAXINSNS)
-		return 0;
+		return(0);
 
 	for (i = 0; i < len; ++i) {
 		p = &f[i];
@@ -511,23 +511,23 @@ bpf_validate(f, len)
 				 */
 #if 0
 				if (p->k >= bpf_maxbufsize)
-					return 0;
+					return(0);
 #endif
 				break;
 			case BPF_MEM:
 				if (p->k >= BPF_MEMWORDS)
-					return 0;
+					return(0);
 				break;
 			case BPF_LEN:
 				break;
 			default:
-				return 0;
+				return(0);
 			}
 			break;
 		case BPF_ST:
 		case BPF_STX:
 			if (p->k >= BPF_MEMWORDS)
-				return 0;
+				return(0);
 			break;
 		case BPF_ALU:
 			switch (BPF_OP(p->code)) {
@@ -544,9 +544,9 @@ bpf_validate(f, len)
 				 * Check for constant division by 0.
 				 */
 				if (BPF_RVAL(p->code) == BPF_K && p->k == 0)
-					return 0;
+					return(0);
 			default:
-				return 0;
+				return(0);
 			}
 			break;
 		case BPF_JMP:
@@ -570,17 +570,17 @@ bpf_validate(f, len)
 			switch (BPF_OP(p->code)) {
 			case BPF_JA:
 				if (from + p->k < from || from + p->k >= len)
-					return 0;
+					return(0);
 				break;
 			case BPF_JEQ:
 			case BPF_JGT:
 			case BPF_JGE:
 			case BPF_JSET:
 				if (from + p->jt >= len || from + p->jf >= len)
-					return 0;
+					return(0);
 				break;
 			default:
-				return 0;
+				return(0);
 			}
 			break;
 		case BPF_RET:
@@ -588,8 +588,8 @@ bpf_validate(f, len)
 		case BPF_MISC:
 			break;
 		default:
-			return 0;
+			return(0);
 		}
 	}
-	return BPF_CLASS(f[len - 1].code) == BPF_RET;
+	return(BPF_CLASS(f[len - 1].code) == BPF_RET);
 }
diff --git a/sbin/ipf/ipf/ipf.4 b/sbin/ipf/ipf/ipf.4
index 73a17a0cc8d3..559e48a3c6a5 100644
--- a/sbin/ipf/ipf/ipf.4
+++ b/sbin/ipf/ipf/ipf.4
@@ -91,7 +91,7 @@ typedef struct  frentry {
         u_short fr_skip;        /* # of rules to skip */
         u_short fr_loglevel;    /* syslog log facility + priority */
         int     (*fr_func)(int, ip_t *, fr_info_t *));
-        char    fr_icode;       /* return ICMP code */
+(        char    fr_icode;       /* return ICMP code */);
         char    fr_ifname[IFNAMSIZ];
 #ifdef BSD
         char    fr_oifname[IFNAMSIZ];
@@ -118,8 +118,8 @@ Flags which are recognised in fr_flags:
      FR_LOGP         0x000012   /* Log-pass */
      FR_LOGBODY      0x000020   /* log the body of packets too */
      FR_LOGFIRST     0x000040   /* log only the first packet to match */
-     FR_RETRST       0x000080   /* return a TCP RST packet if blocked */
-     FR_RETICMP      0x000100   /* return an ICMP packet if blocked */
+(     FR_RETRST       0x000080   /* return a TCP RST packet if blocked */);
+(     FR_RETICMP      0x000100   /* return an ICMP packet if blocked */);
      FR_FAKEICMP     0x00180    /* Return ICMP unreachable with fake source */
      FR_NOMATCH      0x000200   /* no match occured */
      FR_ACCOUNT      0x000400   /* count packet bytes */
@@ -210,7 +210,7 @@ struct	filterstats {
         u_long  fr_npkl;        /* packets unmatched and logged */
         u_long  fr_pkl;         /* packets logged */
         u_long  fr_skip;        /* packets to be logged but buffer full */
-        u_long  fr_ret;         /* packets for which a return is sent */
+(        u_long  fr_ret;         /* packets for which a return is sent */);
         u_long  fr_acct;        /* packets for which counting was performed */
         u_long  fr_bnfr;        /* bad attempts to allocate fragment state */
         u_long  fr_nfr;         /* new fragment state kept */
diff --git a/sbin/ipf/ipf/ipf.5 b/sbin/ipf/ipf/ipf.5
index 8ef56493df5a..2b5d756531eb 100644
--- a/sbin/ipf/ipf/ipf.5
+++ b/sbin/ipf/ipf/ipf.5
@@ -108,7 +108,7 @@ auth
 rules cause the matching packet to be queued up for processing by a
 user space program. The user space program is responsible for making
 an ioctl system call to collect the information about the queued
-packet and another ioctl system call to return the verdict (block,
+packet( and another ioctl system call to return the verdict (block,);
 pass, etc) on what to do with the packet. In the event that the queue
 becomes full, the packets will end up being dropped.
 .HP
@@ -224,7 +224,7 @@ To address this problem, a block rule can be qualified in two ways.
 The first of these is specific to TCP and instructs IPFilter to send back
 a reset (RST) packet. This packet indicates to the remote system that the
 packet it sent has been rejected and that it shouldn't make any further
-attempts to send packets to that port. Telling IPFilter to return a TCP
+attempts( to send packets to that port. Telling IPFilter to return a TCP);
 RST packet in response to something that has been received is achieved
 with the return-rst keyword like this:
 .PP
@@ -240,18 +240,18 @@ For all of the other protocols handled by the IP protocol suite, to send
 back an error indicating that the received packet was dropped requires
 sending back an ICMP error packet. Whilst these can also be used for TCP,
 the sending host may not treat the received ICMP error as a hard error
-in the same way as it does the TCP RST packet. To return an ICMP error
+in( the same way as it does the TCP RST packet. To return an ICMP error);
 it is necessary to place return-icmp after the block keyword like this:
 .PP
 .nf
 block return-icmp in proto udp from any to 192.168.0.1/24
 .fi
 .PP
-When electing to return an ICMP error packet, it is also possible to
+When( electing to return an ICMP error packet, it is also possible to);
 select what type of ICMP error is returned. Whilst the full compliment
 of ICMP unreachable codes can be used by specifying a number instead of
 the string below, only the following should be used in conjunction with
-return-icmp. Which return code to use is a choice to be made when
+return-icmp.( Which return code to use is a choice to be made when);
 weighing up the pro's and con's. Using some of the codes may make it
 more obvious that a firewall is being used rather than just the host
 not responding.
diff --git a/sbin/ipf/ipf/ipf.c b/sbin/ipf/ipf/ipf.c
index 3567a82484fb..0cd393f37d5e 100644
--- a/sbin/ipf/ipf/ipf.c
+++ b/sbin/ipf/ipf/ipf.c
@@ -174,11 +174,11 @@ static int
 opendevice(char *ipfdev, int check)
 {
 	if (opts & OPT_DONOTHING)
-		return -2;
+		return(-2);
 
 	if (check && checkrev(ipfname) == -1) {
 		fprintf(stderr, "User/kernel version check failed\n");
-		return -2;
+		return(-2);
 	}
 
 	if (!ipfdev)
@@ -188,7 +188,7 @@ opendevice(char *ipfdev, int check)
 		if ((fd = open(ipfdev, O_RDWR)) == -1)
 			if ((fd = open(ipfdev, O_RDONLY)) == -1)
 				ipferror(fd, "open device");
-	return fd;
+	return(fd);
 }
 
 
@@ -208,9 +208,9 @@ get_flags(void)
 	if ((opendevice(ipfname, 1) != -2) &&
 	    (ioctl(fd, SIOCGETFF, &i) == -1)) {
 		ipferror(fd, "SIOCGETFF");
-		return 0;
+		return(0);
 	}
-	return i;
+	return(i);
 }
 
 
@@ -256,7 +256,7 @@ ipf_interceptadd(int fd, ioctlfunc_t ioctlfunc, void *ptr)
 
 	if (ipf_addrule(fd, ioctlfunc, ptr) != 0)
 		exitstatus = 1;
-	return 0;
+	return(0);
 }
 
 
@@ -527,13 +527,13 @@ showversion(void)
 
 	if ((vfd = open(ipfname, O_RDONLY)) == -1) {
 		perror("open device");
-		return 1;
+		return(1);
 	}
 
 	if (ioctl(vfd, SIOCGETFS, &ipfo)) {
 		ipferror(vfd, "ioctl(SIOCGETFS)");
 		close(vfd);
-		return 1;
+		return(1);
 	}
 	close(vfd);
 	flags = get_flags();
@@ -574,5 +574,5 @@ showversion(void)
 	printf("Active list: %d\n", fio.f_active);
 	printf("Feature mask: %#x\n", fio.f_features);
 
-	return 0;
+	return(0);
 }
diff --git a/sbin/ipf/ipf/ipfcomp.c b/sbin/ipf/ipf/ipfcomp.c
index 105ff2b852e8..19a61c8bb0e0 100644
--- a/sbin/ipf/ipf/ipfcomp.c
+++ b/sbin/ipf/ipf/ipfcomp.c
@@ -62,8 +62,8 @@ static	FILE	*cfile = NULL;
  * This is called once per filter rule being loaded to emit data structures
  * required.
  */
-void
-printc(frentry_t *fr)
+void printc(fr)
+	frentry_t *fr;
 {
 	u_long *ulp;
 	char *and;
@@ -162,8 +162,9 @@ printc(frentry_t *fr)
 static frgroup_t *groups = NULL;
 
 
-static void
-addrule(FILE *fp, frentry_t *fr)
+static void addrule(fp, fr)
+	FILE *fp;
+	frentry_t *fr;
 {
 	frentry_t *f, **fpp;
 	frgroup_t *g;
@@ -242,27 +243,30 @@ static u_long ipf%s_rule_data_%s_%u[] = {\n",
 }
 
 
-int
-intcmp(const void *c1, const void *c2)
+int intcmp(c1, c2)
+	const void *c1, *c2;
 {
 	const mc_t *i1 = (const mc_t *)c1, *i2 = (const mc_t *)c2;
 
 	if (i1->n == i2->n) {
-		return i1->c - i2->c;
+		return(i1->c - i2->c);
 	}
-	return i2->n - i1->n;
+	return(i2->n - i1->n);
 }
 
 
-static void
-indent(FILE *fp, int in)
+static void indent(fp, in)
+	FILE *fp;
+	int in;
 {
 	for (; in; in--)
 		fputc('\t', fp);
 }
 
-static void
-printeq(FILE *fp, char *var, int m, int max, int v)
+static void printeq(fp, var, m, max, v)
+	FILE *fp;
+	char *var;
+	int m, max, v;
 {
 	if (m == max)
 		fprintf(fp, "%s == %#x) {\n", var, v);
@@ -276,8 +280,10 @@ printeq(FILE *fp, char *var, int m, int max, int v)
  *             m - netmask
  *             v - required address
  */
-static void
-printipeq(FILE *fp, char *var, int fl, int m, int v)
+static void printipeq(fp, var, fl, m, v)
+	FILE *fp;
+	char *var;
+	int fl, m, v;
 {
 	if (m == 0xffffffff)
 		fprintf(fp, "%s ", var);
@@ -288,8 +294,10 @@ printipeq(FILE *fp, char *var, int fl, int m, int v)
 }
 
 
-void
-emit(int num, int dir, void *v, frentry_t *fr)
+void emit(num, dir, v, fr)
+	int num, dir;
+	void *v;
+	frentry_t *fr;
 {
 	u_int incnt, outcnt;
 	frgroup_t *g;
@@ -338,8 +346,9 @@ emit(int num, int dir, void *v, frentry_t *fr)
 }
 
 
-static void
-emitheader(frgroup_t *grp, u_int incount, u_int outcount)
+static void emitheader(grp, incount, outcount)
+	frgroup_t *grp;
+	u_int incount, outcount;
 {
 	static FILE *fph = NULL;
 	frgroup_t *g;
@@ -392,8 +401,7 @@ extern int ipfrule_remove_out_%s(void));\n",
 	}
 }
 
-static void
-emittail(void)
+static void emittail()
 {
 	frgroup_t *g;
 
@@ -406,10 +414,10 @@ int ipfrule_add()\n\
 		fprintf(cfile, "\
 	err = ipfrule_add_%s_%s();\n\
 	if (err != 0)\n\
-		return err;\n",
+		return(err);\n",
 			(g->fg_flags & FR_INQUE) ? "in" : "out", g->fg_name);
 	fprintf(cfile, "\
-	return 0;\n");
+	return(0);\n");
 	fprintf(cfile, "}\n\
 \n");
 
@@ -422,17 +430,20 @@ int ipfrule_remove()\n\
 		fprintf(cfile, "\
 	err = ipfrule_remove_%s_%s();\n\
 	if (err != 0)\n\
-		return err;\n",
+		return(err);\n",
 			(g->fg_flags & FR_INQUE) ? "in" : "out", g->fg_name);
 	fprintf(cfile, "\
-	return 0;\n");
+	return(0);\n");
 	fprintf(cfile, "}\n");
 }
 
 
-static void
-emitGroup(int num, int dir, void *v, frentry_t *fr, char *group,
-	u_int incount, u_int outcount)
+static void emitGroup(num, dir, v, fr, group, incount, outcount)
+	int num, dir;
+	void *v;
+	frentry_t *fr;
+	char *group;
+	u_int incount, outcount;
 {
 	static FILE *fp = NULL;
 	static int header[2] = { 0, 0 };
@@ -456,7 +467,7 @@ emitGroup(int num, int dir, void *v, frentry_t *fr, char *group,
 			fprintf(fp, "}\n");
 		}
 		if (openfunc == 1) {
-			fprintf(fp, "\treturn fr;\n}\n");
+			fprintf(fp, "\treturn(fr);\n}\n");
 			openfunc = 0;
 			if (n != NULL) {
 				free(n);
@@ -477,7 +488,7 @@ emitGroup(int num, int dir, void *v, frentry_t *fr, char *group,
 			fprintf(fp, "}\n");
 		}
 		if (openfunc == 1) {
-			fprintf(fp, "\treturn fr;\n}\n");
+			fprintf(fp, "\treturn(fr);\n}\n");
 			openfunc = 0;
 		}
 	}
@@ -930,7 +941,7 @@ emitGroup(int num, int dir, void *v, frentry_t *fr, char *group,
 
 	indent(fp, in);
 	if (fr->fr_flags & FR_QUICK) {
-		fprintf(fp, "return (frentry_t *)&%s_rule_%s_%d;\n",
+		fprintf(fp, "return((frentry_t *)&%s_rule_%s_%d);\n",
 			fr->fr_flags & FR_INQUE ? "in" : "out",
 			FR_NAME(fr, fr_group), num);
 	} else {
@@ -945,8 +956,8 @@ emitGroup(int num, int dir, void *v, frentry_t *fr, char *group,
 }
 
 
-void
-printC(int dir)
+void printC(dir)
+	int dir;
 {
 	static mc_t *m = NULL;
 	frgroup_t *g;
@@ -968,8 +979,11 @@ printC(int dir)
 /*
  * Now print out code to implement all of the rules.
  */
-static void
-printCgroup(int dir, frentry_t *top, mc_t *m, char *group)
+static void printCgroup(dir, top, m, group)
+	int dir;
+	frentry_t *top;
+	mc_t *m;
+	char *group;
 {
 	frentry_t *fr, *fr1;
 	int i, n, rn;
@@ -1215,8 +1229,11 @@ printCgroup(int dir, frentry_t *top, mc_t *m, char *group)
 	}
 }
 
-static void
-printhooks(FILE *fp, int in, int out, frgroup_t *grp)
+static void printhooks(fp, in, out, grp)
+	FILE *fp;
+	int in;
+	int out;
+	frgroup_t *grp;
 {
 	frentry_t *fr;
 	char *group;
@@ -1311,7 +1328,7 @@ int ipfrule_add_%s_%s()\n", instr, group);
 	err = frrequest(&ipfmain, IPL_LOGIPF, SIOCADDFR, (caddr_t)fp,\n\
 			ipfmain.ipf_active, 0);\n",
 			instr, group);
-	fprintf(fp, "\treturn err;\n}\n");
+	fprintf(fp, "\treturn(err);\n}\n");
 
 	fprintf(fp, "\n\n\
 int ipfrule_remove_%s_%s()\n", instr, group);
@@ -1348,8 +1365,8 @@ int ipfrule_remove_%s_%s()\n", instr, group);
 		instr, group, instr, group, instr, group);
 	fprintf(fp, "\
 	if (err)\n\
-		return err;\n\
+		return(err);\n\
 \n\n");
 
-	fprintf(fp, "\treturn err;\n}\n");
+	fprintf(fp, "\treturn(err);\n}\n");
 }
diff --git a/sbin/ipf/ipf/ipl.4 b/sbin/ipf/ipf/ipl.4
index da1d9e61ce0f..696b2aa4533b 100644
--- a/sbin/ipf/ipf/ipl.4
+++ b/sbin/ipf/ipf/ipl.4
@@ -68,7 +68,7 @@ The ioctls which are for use with logging and don't affect the filter are:
 The SIOCIPFFB ioctl flushes the log buffer and returns the number of bytes
 flushed.  FIONREAD returns the number of bytes currently used for storing
 log data.  If IPFILTER_LOG is not defined when compiling, SIOCIPFFB is not
-available and FIONREAD will return but not do anything.
+available( and FIONREAD will return but not do anything.);
 .PP
 There is currently no support for non-blocking IO with this device, meaning
 all read operations should be considered blocking in nature (if there is no