Changeset View
Changeset View
Standalone View
Standalone View
head/sbin/pfctl/parse.y
Show First 20 Lines • Show All 4,737 Lines • ▼ Show 20 Lines | rdr_consistent(struct pf_rule *r) | ||||
return (-problems); | return (-problems); | ||||
} | } | ||||
int | int | ||||
process_tabledef(char *name, struct table_opts *opts) | process_tabledef(char *name, struct table_opts *opts) | ||||
{ | { | ||||
struct pfr_buffer ab; | struct pfr_buffer ab; | ||||
struct node_tinit *ti; | struct node_tinit *ti; | ||||
unsigned long maxcount; | |||||
size_t s = sizeof(maxcount); | |||||
bzero(&ab, sizeof(ab)); | bzero(&ab, sizeof(ab)); | ||||
ab.pfrb_type = PFRB_ADDRS; | ab.pfrb_type = PFRB_ADDRS; | ||||
SIMPLEQ_FOREACH(ti, &opts->init_nodes, entries) { | SIMPLEQ_FOREACH(ti, &opts->init_nodes, entries) { | ||||
if (ti->file) | if (ti->file) | ||||
if (pfr_buf_load(&ab, ti->file, 0, append_addr)) { | if (pfr_buf_load(&ab, ti->file, 0, append_addr)) { | ||||
if (errno) | if (errno) | ||||
yyerror("cannot load \"%s\": %s", | yyerror("cannot load \"%s\": %s", | ||||
Show All 11 Lines | if (ti->host) | ||||
} | } | ||||
} | } | ||||
if (pf->opts & PF_OPT_VERBOSE) | if (pf->opts & PF_OPT_VERBOSE) | ||||
print_tabledef(name, opts->flags, opts->init_addr, | print_tabledef(name, opts->flags, opts->init_addr, | ||||
&opts->init_nodes); | &opts->init_nodes); | ||||
if (!(pf->opts & PF_OPT_NOACTION) && | if (!(pf->opts & PF_OPT_NOACTION) && | ||||
pfctl_define_table(name, opts->flags, opts->init_addr, | pfctl_define_table(name, opts->flags, opts->init_addr, | ||||
pf->anchor->name, &ab, pf->anchor->ruleset.tticket)) { | pf->anchor->name, &ab, pf->anchor->ruleset.tticket)) { | ||||
if (sysctlbyname("net.pf.request_maxcount", &maxcount, &s, | |||||
NULL, 0) == -1) | |||||
maxcount = 65535; | |||||
if (ab.pfrb_size > maxcount) | |||||
yyerror("cannot define table %s: too many elements.\n" | |||||
"Consider increasing net.pf.request_maxcount.", | |||||
name); | |||||
else | |||||
yyerror("cannot define table %s: %s", name, | yyerror("cannot define table %s: %s", name, | ||||
pfr_strerror(errno)); | pfr_strerror(errno)); | ||||
goto _error; | goto _error; | ||||
} | } | ||||
pf->tdirty = 1; | pf->tdirty = 1; | ||||
pfr_buf_clear(&ab); | pfr_buf_clear(&ab); | ||||
return (0); | return (0); | ||||
_error: | _error: | ||||
pfr_buf_clear(&ab); | pfr_buf_clear(&ab); | ||||
return (-1); | return (-1); | ||||
▲ Show 20 Lines • Show All 1,582 Lines • Show Last 20 Lines |