D30056.id.diff
No OneTemporary
Actions

Size

4 KB

Referenced Files

None

Subscribers

None

D30056.id.diff
View Options

	diff --git a/share/man/man4/pf.4 b/share/man/man4/pf.4
	--- a/share/man/man4/pf.4
	+++ b/share/man/man4/pf.4
	@@ -26,7 +26,7 @@
	.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	.\" SUCH DAMAGE.
	.\"
	-.Dd July 12, 2023
	+.Dd August 28, 2023
	.Dt PF 4
	.Os
	.Sh NAME
	@@ -338,35 +338,40 @@
	fields of the
	.Va state
	nvlist from the state table.
	-.It Dv DIOCKILLSTATES Fa "struct pfioc_state_kill *psk"
	+.It Dv DIOCKILLSTATESNV Fa "struct pfioc_nv nv"
	Remove matching entries from the state table.
	This ioctl returns the number of killed states in
	-.Va psk_killed .
	+.Va "killed" .
	.Bd -literal
	-struct pfioc_state_kill {
	- struct pf_state_cmp psk_pfcmp;
	- sa_family_t psk_af;
	- int psk_proto;
	- struct pf_rule_addr psk_src;
	- struct pf_rule_addr psk_dst;
	- char psk_ifname[IFNAMSIZ];
	- char psk_label[PF_RULE_LABEL_SIZE];
	- u_int psk_killed;
	+nvlist pf_state_cmp {
	+ number id;
	+ number creatorid;
	+ number direction;
	+};
	+
	+nvlist pf_kill {
	+ nvlist pf_state_cmp cmp;
	+ number af;
	+ number proto;
	+ nvlist pf_rule_addr src;
	+ nvlist pf_rule_addr dst;
	+ string ifname[IFNAMSIZ];
	+ string label[PF_RULE_LABEL_SIZE];
	};
	.Ed
	-.It Dv DIOCCLRSTATES Fa "struct pfioc_state_kill *psk"
	+.It Dv DIOCCLRSTATESNV Fa "struct pfioc_nv nv"
	Clear all states.
	It works like
	-.Dv DIOCKILLSTATES ,
	+.Dv DIOCKILLSTATESNV ,
	but ignores the
	-.Va psk_af ,
	-.Va psk_proto ,
	-.Va psk_src ,
	+.Va af ,
	+.Va proto ,
	+.Va src ,
	and
	-.Va psk_dst
	+.Va dst
	fields of the
	-.Vt pfioc_state_kill
	-structure.
	+.Vt pf_kill
	+nvlist.
	.It Dv DIOCSETSTATUSIF Fa "struct pfioc_if *pi"
	Specify the interface for which statistics are accumulated.
	.Bd -literal
	diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h
	--- a/sys/net/pfvar.h
	+++ b/sys/net/pfvar.h
	@@ -1924,7 +1924,6 @@
	#define DIOCGETRULE _IOWR('D', 7, struct pfioc_rule)
	#define DIOCGETRULENV _IOWR('D', 7, struct pfioc_nv)
	/* XXX cut 8 - 17 */
	-#define DIOCCLRSTATES _IOWR('D', 18, struct pfioc_state_kill)
	#define DIOCCLRSTATESNV _IOWR('D', 18, struct pfioc_nv)
	#define DIOCGETSTATE _IOWR('D', 19, struct pfioc_state)
	#define DIOCGETSTATENV _IOWR('D', 19, struct pfioc_nv)
	@@ -1943,7 +1942,6 @@
	#define DIOCCLRRULECTRS _IO ('D', 38)
	#define DIOCGETLIMIT _IOWR('D', 39, struct pfioc_limit)
	#define DIOCSETLIMIT _IOWR('D', 40, struct pfioc_limit)
	-#define DIOCKILLSTATES _IOWR('D', 41, struct pfioc_state_kill)
	#define DIOCKILLSTATESNV _IOWR('D', 41, struct pfioc_nv)
	#define DIOCSTARTALTQ _IO ('D', 42)
	#define DIOCSTOPALTQ _IO ('D', 43)
	diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c
	--- a/sys/netpfil/pf/pf_ioctl.c
	+++ b/sys/netpfil/pf/pf_ioctl.c
	@@ -2124,31 +2124,6 @@
	return (0);
	}

	-static int
	-pf_state_kill_to_kstate_kill(const struct pfioc_state_kill *psk,
	- struct pf_kstate_kill *kill)
	-{
	- int ret;
	-
	- bzero(kill, sizeof(*kill));
	-
	- bcopy(&psk->psk_pfcmp, &kill->psk_pfcmp, sizeof(kill->psk_pfcmp));
	- kill->psk_af = psk->psk_af;
	- kill->psk_proto = psk->psk_proto;
	- bcopy(&psk->psk_src, &kill->psk_src, sizeof(kill->psk_src));
	- bcopy(&psk->psk_dst, &kill->psk_dst, sizeof(kill->psk_dst));
	- ret = pf_user_strcpy(kill->psk_ifname, psk->psk_ifname,
	- sizeof(kill->psk_ifname));
	- if (ret != 0)
	- return (ret);
	- ret = pf_user_strcpy(kill->psk_label, psk->psk_label,
	- sizeof(kill->psk_label));
	- if (ret != 0)
	- return (ret);
	-
	- return (0);
	-}
	-
	static int
	pf_ioctl_addrule(struct pf_krule *rule, uint32_t ticket,
	uint32_t pool_ticket, const char anchor, const char anchor_call,
	@@ -3694,36 +3669,11 @@
	break;
	}

	- case DIOCCLRSTATES: {
	- struct pfioc_state_kill psk = (struct pfioc_state_kill )addr;
	- struct pf_kstate_kill kill;
	-
	- error = pf_state_kill_to_kstate_kill(psk, &kill);
	- if (error)
	- break;
	-
	- psk->psk_killed = pf_clear_states(&kill);
	- break;
	- }
	-
	case DIOCCLRSTATESNV: {
	error = pf_clearstates_nv((struct pfioc_nv *)addr);
	break;
	}

	- case DIOCKILLSTATES: {
	- struct pfioc_state_kill psk = (struct pfioc_state_kill )addr;
	- struct pf_kstate_kill kill;
	-
	- error = pf_state_kill_to_kstate_kill(psk, &kill);
	- if (error)
	- break;
	-
	- psk->psk_killed = 0;
	- pf_killstates(&kill, &psk->psk_killed);
	- break;
	- }
	-
	case DIOCKILLSTATESNV: {
	error = pf_killstates_nv((struct pfioc_nv *)addr);
	break;

File Metadata

Mime Type: text/plain
Expires: Wed, May 20, 2:37 AM (2 h, 59 m)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 33330161
Default Alt Text: D30056.id.diff (4 KB)

D30056.id.diffNo OneTemporaryActions

D30056.id.diffView Options

File Metadata

Event Timeline

D30056.id.diff
No OneTemporary
Actions

D30056.id.diff
View Options