Page MenuHomeFreeBSD
Differential D40512

ipfw: simplify action parsing
Needs ReviewPublic
Actions

Authored by melifaro on Jun 13 2023, 2:26 PM.
Tags
None
Referenced Files
Unknown Object (File)
Nov 6 2025, 9:23 PM
Unknown Object (File)
Nov 5 2025, 1:06 AM
Unknown Object (File)
Oct 22 2025, 2:19 AM
Unknown Object (File)
Oct 22 2025, 2:19 AM
Unknown Object (File)
Oct 22 2025, 2:19 AM
Unknown Object (File)
Oct 21 2025, 2:42 PM
Unknown Object (File)
Oct 9 2025, 5:51 AM
Unknown Object (File)
Oct 7 2025, 3:11 PM
View All 71 Files
Subscribers
ae
donner
glebius
imp

Details

Reviewers
ae
Group Reviewers
network
Summary

This is one of the pre-requisites of splitting compile_rule().

One of the complexities that compile_rule() handle is the instruction reordering.
For example, action needs to go to the end of the rule, despite the fact it is in the beginning.
compile_rule() handles it by having static buffers (actbuf, rulebuf, rcmd) and pointers to the specific commands (state, log, etc).

This diff introduces the special ipfw_rule context, which allows to allocate type-specific buffers, removing the need to reorder commands in the end. It also paves the way to creating libipfw library by creating the ipfw_context object.

This diff uses the new primitives to parse all action commands, removing the actbuf entirely & reducing the dependencies between action parsing and command parsing.

The following diffs will follow this approach and convert the other parts of compile_rule() to the same pattern.

Test Plan
14:43 [0] m@devel0 s kyua test -k /usr/tests/sbin/ipfw/Kyuafile
test_add_rule.py:TestAddRule::test_add_action[abort6]  ->  passed  [0.230s]
test_add_rule.py:TestAddRule::test_add_action[abort]  ->  passed  [0.229s]
test_add_rule.py:TestAddRule::test_add_action[accept]  ->  passed  [0.231s]
test_add_rule.py:TestAddRule::test_add_action[call_420]  ->  passed  [0.229s]
test_add_rule.py:TestAddRule::test_add_action[count]  ->  passed  [0.260s]
test_add_rule.py:TestAddRule::test_add_action[deny]  ->  passed  [0.258s]
test_add_rule.py:TestAddRule::test_add_action[divert_42]  ->  passed  [0.230s]
test_add_rule.py:TestAddRule::test_add_action[divert_natd]  ->  passed  [0.233s]
test_add_rule.py:TestAddRule::test_add_action[netgraph_42]  ->  passed  [0.247s]
test_add_rule.py:TestAddRule::test_add_action[ngtee_42]  ->  passed  [0.268s]
test_add_rule.py:TestAddRule::test_add_action[pipe_42]  ->  passed  [0.239s]
test_add_rule.py:TestAddRule::test_add_action[queue_42]  ->  passed  [0.257s]
test_add_rule.py:TestAddRule::test_add_action[reass]  ->  passed  [0.229s]
test_add_rule.py:TestAddRule::test_add_action[reject]  ->  passed  [0.230s]
test_add_rule.py:TestAddRule::test_add_action[reset6]  ->  passed  [0.233s]
test_add_rule.py:TestAddRule::test_add_action[reset]  ->  passed  [0.231s]
test_add_rule.py:TestAddRule::test_add_action[return]  ->  passed  [0.231s]
test_add_rule.py:TestAddRule::test_add_action[setdscp_42]  ->  passed  [0.266s]
test_add_rule.py:TestAddRule::test_add_action[setfib_1]  ->  skipped: needs net.fibs>1  [0.223s]
test_add_rule.py:TestAddRule::test_add_action[skipto_42]  ->  passed  [0.232s]
test_add_rule.py:TestAddRule::test_add_action[tee_42]  ->  passed  [0.258s]
test_add_rule.py:TestAddRule::test_add_action[test_allow]  ->  passed  [0.230s]
test_add_rule.py:TestAddRule::test_add_action[unreach6_port]  ->  passed  [0.229s]
test_add_rule.py:TestAddRule::test_add_action[unreach_needfrag]  ->  passed  [0.232s]
test_add_rule.py:TestAddRule::test_add_action[unreach_needfrag_mtu]  ->  passed  [0.228s]
test_add_rule.py:TestAddRule::test_add_action[unreach_port0]  ->  passed  [0.255s]
test_add_rule.py:TestAddRule::test_add_action[unreach_port1]  ->  passed  [0.231s]
test_add_rule.py:TestAddRule::test_add_ports[test_range-dst]  ->  passed  [0.231s]
test_add_rule.py:TestAddRule::test_add_ports[test_range-src]  ->  passed  [0.231s]
test_add_rule.py:TestAddRule::test_add_ports[test_ranges-dst]  ->  passed  [0.231s]
test_add_rule.py:TestAddRule::test_add_ports[test_ranges-src]  ->  passed  [0.231s]
test_add_rule.py:TestAddRule::test_add_ports[test_single-dst]  ->  passed  [0.233s]
test_add_rule.py:TestAddRule::test_add_ports[test_single-src]  ->  passed  [0.233s]
test_add_rule.py:TestAddRule::test_add_rule[test_comment]  ->  passed  [0.259s]
test_add_rule.py:TestAddRule::test_add_rule[test_eaction_ntp]  ->  passed  [0.233s]
test_add_rule.py:TestAddRule::test_add_rule[test_eaction_tcp-setmss]  ->  passed  [0.240s]
test_add_rule.py:TestAddRule::test_add_rule[test_or]  ->  passed  [0.236s]
test_add_rule.py:TestAddRule::test_add_rule[test_rulenum]  ->  passed  [0.235s]
test_add_rule.py:TestAddRule::test_add_rule[test_tables]  ->  passed  [0.266s]
test_add_rule.py:TestAddRule::test_add_single_instruction[test_ports]  ->  passed  [0.270s]
test_add_rule.py:TestAddRule::test_add_single_instruction[test_prob]  ->  passed  [0.236s]
test_add_rule.py:TestAddRule::test_add_single_instruction[test_proto]  ->  passed  [0.264s]

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Errors
SeverityLocationCodeMessage
Errorsbin/ipfw/tests/test_add_rule.py:74E501PEP8 E501
Errorsbin/ipfw/tests/test_add_rule.py:138E501PEP8 E501
Errorsbin/ipfw/tests/test_add_rule.py:151E501PEP8 E501
Errorsbin/ipfw/tests/test_add_rule.py:152E501PEP8 E501
Errorsbin/ipfw/tests/test_add_rule.py:181E501PEP8 E501
Errorsbin/ipfw/tests/test_add_rule.py:197E501PEP8 E501
Errorsbin/ipfw/tests/test_add_rule.py:218E501PEP8 E501
Errorsbin/ipfw/tests/test_add_rule.py:222E501PEP8 E501
Errorsbin/ipfw/tests/test_add_rule.py:230E501PEP8 E501
Errorsbin/ipfw/tests/test_add_rule.py:235E501PEP8 E501
Errorsbin/ipfw/tests/test_add_rule.py:240E501PEP8 E501
Errorsbin/ipfw/tests/test_add_rule.py:247E501PEP8 E501
Errorsbin/ipfw/tests/test_add_rule.py:254E501PEP8 E501
Errorsbin/ipfw/tests/test_add_rule.py:262E501PEP8 E501
Errorsbin/ipfw/tests/test_add_rule.py:271E501PEP8 E501
Errorsbin/ipfw/tests/test_add_rule.py:280E501PEP8 E501
Errorsbin/ipfw/tests/test_add_rule.py:311E501PEP8 E501
Errorsbin/ipfw/tests/test_add_rule.py:313E501PEP8 E501
Errorsbin/ipfw/tests/test_add_rule.py:316E501PEP8 E501
Errorsbin/ipfw/tests/test_add_rule.py:322E501PEP8 E501
Errorsbin/ipfw/tests/test_add_rule.py:325E501PEP8 E501
Errorsbin/ipfw/tests/test_add_rule.py:327E501PEP8 E501
Errorsbin/ipfw/tests/test_add_rule.py:329E501PEP8 E501
Errorsbin/ipfw/tests/test_add_rule.py:344E501PEP8 E501
Errorsbin/ipfw/tests/test_add_rule.py:374E501PEP8 E501
Unit
No Test Coverage
Build Status
Buildable 52021
Build 48912: arc lint + arc unit

Revision Contents
Changeset List

PathSize
sbin/
ipfw/
2 lines
542 lines
7 lines
tests/
33 lines
tests/
atf_python/
sys/
netpfil/
ipfw/
6 lines

Diff 123160

View Options

sbin/ipfw/ipfw2.h

Loading...
View Options

sbin/ipfw/ipfw2.c

Loading...
View Options

sbin/ipfw/ipv6.c

Loading...
View Options

sbin/ipfw/tests/test_add_rule.py

Loading...
View Options

tests/atf_python/sys/netpfil/ipfw/ioctl.py

Loading...