Differential D49221 Diff 154353 sys/netpfil/pf/pf_ioctl.c

Changeset View

Standalone View

sys/netpfil/pf/pf_ioctl.c

Show First 20 Lines • Show All 2,209 Lines • ▼ Show 20 Lines	if ((rule->overload_tbl = pfr_attach_table(ruleset,
rule->overload_tblname)) == NULL)		rule->overload_tblname)) == NULL)
error = EINVAL;		error = EINVAL;
else		else
rule->overload_tbl->pfrkt_flags \|=		rule->overload_tbl->pfrkt_flags \|=
PFR_TFLAG_ACTIVE;		PFR_TFLAG_ACTIVE;
}		}

pf_mv_kpool(&V_pf_pabuf[0], &rule->nat.list);		pf_mv_kpool(&V_pf_pabuf[0], &rule->nat.list);

		/*
		* Old version of pfctl provide route redirection pools in single
		* common redirection pool rdr. New versions use rdr only for
		* rdr-to rules.
		*/
		if (rule->rt > PF_NOPFROUTE && TAILQ_EMPTY(&V_pf_pabuf[2])) {
		pf_mv_kpool(&V_pf_pabuf[1], &rule->route.list);
		} else {
pf_mv_kpool(&V_pf_pabuf[1], &rule->rdr.list);		pf_mv_kpool(&V_pf_pabuf[1], &rule->rdr.list);
pf_mv_kpool(&V_pf_pabuf[2], &rule->route.list);		pf_mv_kpool(&V_pf_pabuf[2], &rule->route.list);
if (((((rule->action == PF_NAT) \|\| (rule->action == PF_RDR) \|\|		}
(rule->action == PF_BINAT)) && rule->anchor == NULL) \|\|
(rule->rt > PF_NOPFROUTE)) &&		if (((rule->action == PF_NAT) \|\| (rule->action == PF_RDR) \|\|
(TAILQ_FIRST(&rule->rdr.list) == NULL &&		(rule->action == PF_BINAT)) && rule->anchor == NULL &&
TAILQ_FIRST(&rule->route.list) == NULL))		TAILQ_FIRST(&rule->rdr.list) == NULL) {
error = EINVAL;		error = EINVAL;
		}

if (rule->action == PF_PASS && rule->rdr.opts & PF_POOL_STICKYADDR &&		if (rule->rt > PF_NOPFROUTE && (TAILQ_FIRST(&rule->route.list) == NULL)) {
!rule->keep_state) {		error = EINVAL;
		}

		if (rule->action == PF_PASS && (rule->rdr.opts & PF_POOL_STICKYADDR \|\|
		rule->nat.opts & PF_POOL_STICKYADDR) && !rule->keep_state) {
error = EINVAL;		error = EINVAL;
}		}

if (error) {		if (error) {
pf_free_rule(rule);		pf_free_rule(rule);
rule = NULL;		rule = NULL;
ERROUT(error);		ERROUT(error);
}		}
▲ Show 20 Lines • Show All 4,713 Lines • Show Last 20 Lines