
pf: Remove ptr_array from struct pf_kruleset

Description

pf: Remove ptr_array from struct pf_kruleset

Each ruleset's rules are stored in a TAILQ called "ptr" with "rcount"
representing the number of rules in the ruleset; "ptr_array" points to an
array of the same length.

"ptr" is backed by pool_get(9) and may change in size as "expired" rules
get removed from the ruleset - see "once" in pf.conf(5).

"ptr_array" is allocated momentarily through mallocarray(9) and gets filled
with the TAILQ entries, so that the sole user pfsync(4) can access the list
of rules by index to pick the n-th rule during state insertion.

Remove "ptr_array" and make pfsync iterate over the TAILQ instead to get the
matching rule's index. This simplifies both code and data structures and
avoids duplicate memory management.

OK sashan

Obtained from: OpenBSD, kn <kn@openbsd.org>, d13e571b26
Sponsored by: Rubicon Communications, LLC ("Netgate")
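The lookup the commit message describes, as an added example (not the FreeBSD or OpenBSD code): the n-th rule is found by walking the TAILQ, so there is no second array to keep in step when a rule is removed. The struct and function names (`rule`, `ruleset`, `rule_by_index`, `rule_expire`) are hypothetical stand-ins; only "ptr" and "rcount" come from the message.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/queue.h>

/* Hypothetical stand-ins for pf's rule and ruleset structures. */
struct rule {
	uint32_t nr;			/* constructed rule number */
	TAILQ_ENTRY(rule) entries;
};
TAILQ_HEAD(rulequeue, rule);

struct ruleset {
	struct rulequeue *ptr;		/* the rule list ("ptr") */
	uint32_t rcount;		/* rules currently in the list */
};

/* Return the n-th rule by walking the list, or NULL if n is out of range. */
struct rule *
rule_by_index(struct ruleset *rs, uint32_t n)
{
	struct rule *r;
	uint32_t i = 0;

	if (n >= rs->rcount)		/* reject indexes past the end */
		return (NULL);
	TAILQ_FOREACH(r, rs->ptr, entries)
		if (i++ == n)
			return (r);
	return (NULL);
}

/* Unlink a rule, as when a "once" rule expires; the list shrinks by one. */
void
rule_expire(struct ruleset *rs, struct rule *r)
{
	TAILQ_REMOVE(rs->ptr, r, entries);
	rs->rcount--;
}

int
main(void)
{
	struct rulequeue q = TAILQ_HEAD_INITIALIZER(q);
	struct rule rules[3] = { { .nr = 10 }, { .nr = 20 }, { .nr = 30 } };
	struct ruleset rs = { &q, 0 };

	for (int i = 0; i < 3; i++, rs.rcount++)
		TAILQ_INSERT_TAIL(&q, &rules[i], entries);
	rule_expire(&rs, &rules[1]);	/* index 1 now refers to rule 30 */
	printf("index 1 -> rule %u\n", rule_by_index(&rs, 1)->nr);
	return (rule_by_index(&rs, 2) == NULL ? 0 : 1);
}
```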

Details

Provenance
kp authored on Jul 7 2025, 12:53 PM
Parents
rG7d4673d3a439: netinet6: allow binding a raw socket to an anycast address