git: 47a0b59379c3 - main - pfctl: use libpfctl instead of DIOCGETRULES directly

Mon, 27 Nov 2023 12:37:27 -0800 

The branch main has been updated by kp:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=47a0b59379c3bec547e7c829eb12de8276227dff

commit 47a0b59379c3bec547e7c829eb12de8276227dff
Author:     Kristof Provost <k...@freebsd.org>
AuthorDate: 2023-11-24 23:43:48 +0000
Commit:     Kristof Provost <k...@freebsd.org>
CommitDate: 2023-11-27 20:36:48 +0000

    pfctl: use libpfctl instead of DIOCGETRULES directly
    
    MFC after:      1 week
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
---
 sbin/pfctl/pfctl_optimize.c | 16 +++++++---------
 1 file changed, 7 insertions(+), 9 deletions(-)

diff --git a/sbin/pfctl/pfctl_optimize.c b/sbin/pfctl/pfctl_optimize.c
index aefd7b6471e5..95292999c50a 100644
--- a/sbin/pfctl/pfctl_optimize.c
+++ b/sbin/pfctl/pfctl_optimize.c
@@ -877,24 +877,23 @@ block_feedback(struct pfctl *pf, struct superblock *block)
 int
 load_feedback_profile(struct pfctl *pf, struct superblocks *superblocks)
 {
+       char anchor_call[MAXPATHLEN] = "";
        struct superblock *block, *blockcur;
        struct superblocks prof_superblocks;
        struct pf_opt_rule *por;
        struct pf_opt_queue queue;
-       struct pfioc_rule pr;
+       struct pfctl_rules_info rules;
        struct pfctl_rule a, b, rule;
        int nr, mnr;
 
        TAILQ_INIT(&queue);
        TAILQ_INIT(&prof_superblocks);
 
-       memset(&pr, 0, sizeof(pr));
-       pr.rule.action = PF_PASS;
-       if (ioctl(pf->dev, DIOCGETRULES, &pr)) {
+       if (pfctl_get_rules_info(pf->dev, &rules, PF_PASS, "")) {
                warn("DIOCGETRULES");
                return (1);
        }
-       mnr = pr.nr;
+       mnr = rules.nr;
 
        DEBUG("Loading %d active rules for a feedback profile", mnr);
        for (nr = 0; nr < mnr; ++nr) {
@@ -903,15 +902,14 @@ load_feedback_profile(struct pfctl *pf, struct 
superblocks *superblocks)
                        warn("calloc");
                        return (1);
                }
-               pr.nr = nr;
 
-               if (pfctl_get_rule(pf->dev, nr, pr.ticket, "", PF_PASS,
-                   &rule, pr.anchor_call)) {
+               if (pfctl_get_rule(pf->dev, nr, rules.ticket, "", PF_PASS,
+                   &rule, anchor_call)) {
                        warn("DIOCGETRULENV");
                        return (1);
                }
                memcpy(&por->por_rule, &rule, sizeof(por->por_rule));
-               rs = pf_find_or_create_ruleset(pr.anchor_call);
+               rs = pf_find_or_create_ruleset(anchor_call);
                por->por_rule.anchor = rs->anchor;
                if (TAILQ_EMPTY(&por->por_rule.rpool.list))
                        memset(&por->por_rule.rpool, 0,

Reply via email to