diff options
author | Kristof Provost <kp@FreeBSD.org> | 2021-04-08 08:31:46 +0000 |
---|---|---|
committer | Kristof Provost <kp@FreeBSD.org> | 2021-05-07 08:15:42 +0000 |
commit | 6fd48efd8d6d4a6fc12e60baf9ea717034b40eca (patch) | |
tree | 72fd0425f42afb28d40d7049d88f902d95c4c04c /usr.sbin | |
parent | c3f3f537715c918bdf50f7ec8548ba7ad2778036 (diff) | |
download | src-6fd48efd8d6d4a6fc12e60baf9ea717034b40eca.tar.gz src-6fd48efd8d6d4a6fc12e60baf9ea717034b40eca.zip |
libpfctl: Switch to pfctl_rule
Stop using the kernel's struct pf_rule, switch to libpfctl's pfctl_rule.
Now that we use nvlists to communicate with the kernel these structures
can be fully decoupled.
Reviewed by: glebius
MFC after: 4 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D29644
(cherry picked from commit e9eb09414a8de8f3329f51b48c90a5e5ac8f09cf)
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c b/usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c index dc55c730bc5f..018f3751ca57 100644 --- a/usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c +++ b/usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c @@ -1515,6 +1515,7 @@ static int pfl_scan_ruleset(const char *path) { struct pfioc_rule pr; + struct pfctl_rule rule; struct pfl_entry *e; u_int32_t nr, i; @@ -1529,14 +1530,14 @@ pfl_scan_ruleset(const char *path) for (nr = pr.nr, i = 0; i < nr; i++) { pr.nr = i; - if (pfctl_add_rule(dev, &pr.rule, pr.anchor, pr.anchor_call, + if (pfctl_add_rule(dev, &rule, pr.anchor, pr.anchor_call, pr.ticket, pr.pool_ticket)) { syslog(LOG_ERR, "pfl_scan_ruleset: ioctl(DIOCGETRULE):" " %s", strerror(errno)); goto err; } - if (pr.rule.label[0]) { + if (rule.label[0]) { e = (struct pfl_entry *)malloc(sizeof(*e)); if (e == NULL) goto err; @@ -1544,13 +1545,13 @@ pfl_scan_ruleset(const char *path) strlcpy(e->name, path, sizeof(e->name)); if (path[0]) strlcat(e->name, "/", sizeof(e->name)); - strlcat(e->name, pr.rule.label, sizeof(e->name)); + strlcat(e->name, rule.label, sizeof(e->name)); - e->evals = pr.rule.evaluations; - e->bytes[IN] = pr.rule.bytes[IN]; - e->bytes[OUT] = pr.rule.bytes[OUT]; - e->pkts[IN] = pr.rule.packets[IN]; - e->pkts[OUT] = pr.rule.packets[OUT]; + e->evals = rule.evaluations; + e->bytes[IN] = rule.bytes[IN]; + e->bytes[OUT] = rule.bytes[OUT]; + e->pkts[IN] = rule.packets[IN]; + e->pkts[OUT] = rule.packets[OUT]; e->index = ++pfl_table_count; TAILQ_INSERT_TAIL(&pfl_table, e, link); |