The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=f6aa57c86b6239e1f8c8ff50f28c9d0ed1af2ce3
commit f6aa57c86b6239e1f8c8ff50f28c9d0ed1af2ce3 Author: Kristof Provost <[email protected]> AuthorDate: 2025-12-05 10:23:45 +0000 Commit: Kristof Provost <[email protected]> CommitDate: 2025-12-05 12:24:52 +0000 snmp_pf: use the libpfctl wrapper to retrieve astats Extend the test case to verify this works as expected. Sponsored by: Rubicon Communications, LLC ("Netgate") --- tests/sys/netpfil/pf/snmp.sh | 6 ++++++ usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c | 21 ++++++++------------- 2 files changed, 14 insertions(+), 13 deletions(-) diff --git a/tests/sys/netpfil/pf/snmp.sh b/tests/sys/netpfil/pf/snmp.sh index 37cc4b75cf92..ad80fd457bb1 100644 --- a/tests/sys/netpfil/pf/snmp.sh +++ b/tests/sys/netpfil/pf/snmp.sh @@ -109,6 +109,12 @@ table_body() bsnmpwalk -s [email protected] -i pf_tree.def pfTables atf_check -s exit:0 -o match:'pfTablesAddrPrefix.* = 24' \ bsnmpwalk -s [email protected] -i pf_tree.def pfTables + + # Give bsnmp time to refresh the table + sleep 6 + # Expect non-zero packet count + atf_check -s exit:0 -o match:'pfTablesAddrPktsInPass.* = [1-9][0-9]*' \ + bsnmpwalk -s [email protected] -i pf_tree.def pfTables } table_cleanup() diff --git a/usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c b/usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c index f0f9e0f0e149..91194516614f 100644 --- a/usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c +++ b/usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c @@ -1356,17 +1356,16 @@ err1: static int pfa_table_addrs(u_int sidx, struct pfr_table *pt) { - struct pfioc_table io; + struct pfr_table tbl = { 0 }; struct pfr_astats *t = NULL; struct pfa_entry *e; - int i, numaddrs = 1; + int i, numaddrs = 1, outnum; if (pt == NULL) return (-1); - memset(&io, 0, sizeof(io)); - strlcpy(io.pfrio_table.pfrt_name, pt->pfrt_name, - sizeof(io.pfrio_table.pfrt_name)); + strlcpy(tbl.pfrt_name, pt->pfrt_name, + sizeof(tbl.pfrt_name)); for (;;) { t = reallocf(t, numaddrs * sizeof(struct pfr_astats)); @@ -1377,22 +1376,18 @@ pfa_table_addrs(u_int sidx, struct pfr_table *pt) goto error; } - memset(t, 0, sizeof(*t)); - io.pfrio_size = numaddrs; - io.pfrio_buffer = t; - io.pfrio_esize = sizeof(struct pfr_astats); - - if (ioctl(pfctl_fd(pfh), DIOCRGETASTATS, &io)) { + outnum = numaddrs; + if (pfctl_get_astats(pfh, &tbl, t, &outnum, 0) != 0) { syslog(LOG_ERR, "pfa_table_addrs(): ioctl() on %s: %s", pt->pfrt_name, strerror(errno)); numaddrs = -1; break; } - if (numaddrs >= io.pfrio_size) + if (numaddrs >= outnum) break; - numaddrs = io.pfrio_size; + numaddrs = outnum; } for (i = 0; i < numaddrs; i++) {
