D41651.diff
No OneTemporary
Actions

Size

4 KB

Referenced Files

None

Subscribers

None

D41651.diff
View Options

	diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h
	--- a/sys/net/pfvar.h
	+++ b/sys/net/pfvar.h
	@@ -1921,14 +1921,12 @@
	#define DIOCADDRULE _IOWR('D', 4, struct pfioc_rule)
	#define DIOCADDRULENV _IOWR('D', 4, struct pfioc_nv)
	#define DIOCGETRULES _IOWR('D', 6, struct pfioc_rule)
	-#define DIOCGETRULE _IOWR('D', 7, struct pfioc_rule)
	#define DIOCGETRULENV _IOWR('D', 7, struct pfioc_nv)
	/* XXX cut 8 - 17 */
	#define DIOCCLRSTATESNV _IOWR('D', 18, struct pfioc_nv)
	#define DIOCGETSTATE _IOWR('D', 19, struct pfioc_state)
	#define DIOCGETSTATENV _IOWR('D', 19, struct pfioc_nv)
	#define DIOCSETSTATUSIF _IOWR('D', 20, struct pfioc_if)
	-#define DIOCGETSTATUS _IOWR('D', 21, struct pf_status)
	#define DIOCGETSTATUSNV _IOWR('D', 21, struct pfioc_nv)
	#define DIOCCLRSTATUS _IO ('D', 22)
	#define DIOCNATLOOK _IOWR('D', 23, struct pfioc_natlook)
	diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c
	--- a/sys/netpfil/pf/pf_ioctl.c
	+++ b/sys/netpfil/pf/pf_ioctl.c
	@@ -2463,14 +2463,12 @@
	if (securelevel_gt(td->td_ucred, 2))
	switch (cmd) {
	case DIOCGETRULES:
	- case DIOCGETRULE:
	case DIOCGETRULENV:
	case DIOCGETADDRS:
	case DIOCGETADDR:
	case DIOCGETSTATE:
	case DIOCGETSTATENV:
	case DIOCSETSTATUSIF:
	- case DIOCGETSTATUS:
	case DIOCGETSTATUSNV:
	case DIOCCLRSTATUS:
	case DIOCNATLOOK:
	@@ -2532,7 +2530,6 @@
	case DIOCGETADDR:
	case DIOCGETSTATE:
	case DIOCGETSTATENV:
	- case DIOCGETSTATUS:
	case DIOCGETSTATUSNV:
	case DIOCGETSTATES:
	case DIOCGETSTATESV2:
	@@ -2579,11 +2576,6 @@
	break; /* dummy operation ok */
	}
	return (EACCES);
	- case DIOCGETRULE:
	- if (((struct pfioc_rule *)addr)->action ==
	- PF_GET_CLR_CNTR)
	- return (EACCES);
	- break;
	default:
	return (EACCES);
	}
	@@ -3228,63 +3220,6 @@
	break;
	}

	- case DIOCGETRULE: {
	- struct pfioc_rule pr = (struct pfioc_rule )addr;
	- struct pf_kruleset *ruleset;
	- struct pf_krule *rule;
	- int rs_num;
	-
	- pr->anchor[sizeof(pr->anchor) - 1] = 0;
	-
	- PF_RULES_WLOCK();
	- ruleset = pf_find_kruleset(pr->anchor);
	- if (ruleset == NULL) {
	- PF_RULES_WUNLOCK();
	- error = EINVAL;
	- break;
	- }
	- rs_num = pf_get_ruleset_number(pr->rule.action);
	- if (rs_num >= PF_RULESET_MAX) {
	- PF_RULES_WUNLOCK();
	- error = EINVAL;
	- break;
	- }
	- if (pr->ticket != ruleset->rules[rs_num].active.ticket) {
	- PF_RULES_WUNLOCK();
	- error = EBUSY;
	- break;
	- }
	- rule = TAILQ_FIRST(ruleset->rules[rs_num].active.ptr);
	- while ((rule != NULL) && (rule->nr != pr->nr))
	- rule = TAILQ_NEXT(rule, entries);
	- if (rule == NULL) {
	- PF_RULES_WUNLOCK();
	- error = EBUSY;
	- break;
	- }
	-
	- pf_krule_to_rule(rule, &pr->rule);
	-
	- if (pf_kanchor_copyout(ruleset, rule, pr)) {
	- PF_RULES_WUNLOCK();
	- error = EBUSY;
	- break;
	- }
	- pf_addr_copyout(&pr->rule.src.addr);
	- pf_addr_copyout(&pr->rule.dst.addr);
	-
	- if (pr->action == PF_GET_CLR_CNTR) {
	- pf_counter_u64_zero(&rule->evaluations);
	- for (int i = 0; i < 2; i++) {
	- pf_counter_u64_zero(&rule->packets[i]);
	- pf_counter_u64_zero(&rule->bytes[i]);
	- }
	- counter_u64_zero(rule->states_tot);
	- }
	- PF_RULES_WUNLOCK();
	- break;
	- }
	-
	case DIOCGETRULENV: {
	struct pfioc_nv nv = (struct pfioc_nv )addr;
	nvlist_t *nvrule = NULL;
	@@ -3871,39 +3806,6 @@
	break;
	}

	- case DIOCGETSTATUS: {
	- struct pf_status s = (struct pf_status )addr;
	-
	- PF_RULES_RLOCK();
	- s->running = V_pf_status.running;
	- s->since = V_pf_status.since;
	- s->debug = V_pf_status.debug;
	- s->hostid = V_pf_status.hostid;
	- s->states = V_pf_status.states;
	- s->src_nodes = V_pf_status.src_nodes;
	-
	- for (int i = 0; i < PFRES_MAX; i++)
	- s->counters[i] =
	- counter_u64_fetch(V_pf_status.counters[i]);
	- for (int i = 0; i < LCNT_MAX; i++)
	- s->lcounters[i] =
	- counter_u64_fetch(V_pf_status.lcounters[i]);
	- for (int i = 0; i < FCNT_MAX; i++)
	- s->fcounters[i] =
	- pf_counter_u64_fetch(&V_pf_status.fcounters[i]);
	- for (int i = 0; i < SCNT_MAX; i++)
	- s->scounters[i] =
	- counter_u64_fetch(V_pf_status.scounters[i]);
	-
	- bcopy(V_pf_status.ifname, s->ifname, IFNAMSIZ);
	- bcopy(V_pf_status.pf_chksum, s->pf_chksum,
	- PF_MD5_DIGEST_LENGTH);
	-
	- pfi_update_status(s->ifname, s);
	- PF_RULES_RUNLOCK();
	- break;
	- }
	-
	case DIOCGETSTATUSNV: {
	error = pf_getstatus((struct pfioc_nv *)addr);
	break;

File Metadata

Mime Type: text/plain
Expires: Tue, Jan 28, 12:36 AM (10 h, 9 m)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 16196053
Default Alt Text: D41651.diff (4 KB)

D41651.diffNo OneTemporaryActions

D41651.diffView Options

File Metadata

Event Timeline

D41651.diff
No OneTemporary
Actions

D41651.diff
View Options