CVS commit: src/usr.sbin/npf/npfctl

Sun, 29 Sep 2019 11:51:20 -0700 

Module Name:    src
Committed By:   rmind
Date:           Sun Sep 29 18:51:08 UTC 2019

Modified Files:
        src/usr.sbin/npf/npfctl: npf_build.c

Log Message:
npfctl: implement table replace subcommand.
Contributed by Timshel Knoll-Miller.

(missed a file in previous commit; cvs is so helpful..)


To generate a diff of this commit:
cvs rdiff -u -r1.51 -r1.52 src/usr.sbin/npf/npfctl/npf_build.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/usr.sbin/npf/npfctl/npf_build.c
diff -u src/usr.sbin/npf/npfctl/npf_build.c:1.51 src/usr.sbin/npf/npfctl/npf_build.c:1.52
--- src/usr.sbin/npf/npfctl/npf_build.c:1.51	Thu Aug  8 21:29:15 2019
+++ src/usr.sbin/npf/npfctl/npf_build.c	Sun Sep 29 18:51:08 2019
@@ -32,7 +32,7 @@
  */
 
 #include <sys/cdefs.h>
-__RCSID("$NetBSD: npf_build.c,v 1.51 2019/08/08 21:29:15 rmind Exp $");
+__RCSID("$NetBSD: npf_build.c,v 1.52 2019/09/29 18:51:08 rmind Exp $");
 
 #include <sys/types.h>
 #define	__FAVOR_BSD
@@ -151,25 +151,32 @@ npfctl_debug_addif(const char *ifname)
 	return 0;
 }
 
-unsigned
-npfctl_table_getid(const char *name)
+nl_table_t *
+npfctl_table_getbyname(nl_config_t *ncf, const char *name)
 {
-	unsigned tid = (unsigned)-1;
 	nl_iter_t i = NPF_ITER_BEGIN;
 	nl_table_t *tl;
 
 	/* XXX dynamic ruleset */
-	if (!npf_conf) {
-		return (unsigned)-1;
+	if (!ncf) {
+		return NULL;
 	}
-	while ((tl = npf_table_iterate(npf_conf, &i)) != NULL) {
+	while ((tl = npf_table_iterate(ncf, &i)) != NULL) {
 		const char *tname = npf_table_getname(tl);
 		if (strcmp(tname, name) == 0) {
-			tid = npf_table_getid(tl);
 			break;
 		}
 	}
-	return tid;
+	return tl;
+}
+
+unsigned
+npfctl_table_getid(const char *name)
+{
+	nl_table_t *tl;
+
+	tl = npfctl_table_getbyname(npf_conf, name);
+	return tl ? npf_table_getid(tl) : (unsigned)-1;
 }
 
 const char *
@@ -873,15 +880,13 @@ npfctl_build_natseg(int sd, int type, un
  * npfctl_fill_table: fill NPF table with entries from a specified file.
  */
 static void
-npfctl_fill_table(nl_table_t *tl, u_int type, const char *fname)
+npfctl_fill_table(nl_table_t *tl, u_int type, const char *fname, FILE *fp)
 {
 	char *buf = NULL;
 	int l = 0;
-	FILE *fp;
 	size_t n;
 
-	fp = fopen(fname, "r");
-	if (fp == NULL) {
+	if (fp == NULL && (fp = fopen(fname, "r")) == NULL) {
 		err(EXIT_FAILURE, "open '%s'", fname);
 	}
 	while (l++, getline(&buf, &n, fp) != -1) {
@@ -908,6 +913,23 @@ npfctl_fill_table(nl_table_t *tl, u_int 
 }
 
 /*
+ * npfctl_load_table: create an NPF table and fill with contents from a file.
+ */
+nl_table_t *
+npfctl_load_table(const char *tname, int tid, u_int type,
+    const char *fname, FILE *fp)
+{
+	nl_table_t *tl;
+
+	tl = npf_table_create(tname, tid, type);
+	if (tl && fname) {
+		npfctl_fill_table(tl, type, fname, fp);
+	}
+
+	return tl;
+}
+
+/*
  * npfctl_build_table: create an NPF table, add to the configuration and,
  * if required, fill with contents from a file.
  */
@@ -916,15 +938,13 @@ npfctl_build_table(const char *tname, u_
 {
 	nl_table_t *tl;
 
-	tl = npf_table_create(tname, npfctl_tid_counter++, type);
-	assert(tl != NULL);
-
-	if (fname) {
-		npfctl_fill_table(tl, type, fname);
-	} else if (type == NPF_TABLE_CONST) {
+	if (type == NPF_TABLE_CONST && !fname) {
 		yyerror("table type 'const' must be loaded from a file");
 	}
 
+	tl = npfctl_load_table(tname, npfctl_tid_counter++, type, fname, NULL);
+	assert(tl != NULL);
+
 	if (npf_table_insert(npf_conf, tl)) {
 		yyerror("table '%s' is already defined", tname);
 	}

Reply via email to