git: 2905d10b3927 - main - snmp_pf: use libpfctl's pfctl_get_rules_info() rather than DIOCGETRULES
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 27 Nov 2023 20:37:09 UTC
The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=2905d10b392766faf0e0ce8070864132d8ab66c3 commit 2905d10b392766faf0e0ce8070864132d8ab66c3 Author: Kristof Provost <kp@FreeBSD.org> AuthorDate: 2023-11-27 16:48:33 +0000 Commit: Kristof Provost <kp@FreeBSD.org> CommitDate: 2023-11-27 20:36:48 +0000 snmp_pf: use libpfctl's pfctl_get_rules_info() rather than DIOCGETRULES Prefer libpfctl functions over direct access to the ioctl whenever possible. Sponsored by: Rubicon Communications, LLC ("Netgate") --- usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c b/usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c index a5786007d3f4..bb064dd549d2 100644 --- a/usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c +++ b/usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c @@ -1513,24 +1513,21 @@ err2: static int pfl_scan_ruleset(const char *path) { - struct pfioc_rule pr; + struct pfctl_rules_info rules; struct pfctl_rule rule; + char anchor_call[MAXPATHLEN] = ""; struct pfl_entry *e; u_int32_t nr, i; - bzero(&pr, sizeof(pr)); - strlcpy(pr.anchor, path, sizeof(pr.anchor)); - pr.rule.action = PF_PASS; - if (ioctl(dev, DIOCGETRULES, &pr)) { + if (pfctl_get_rules_info(dev, &rules, PF_PASS, path)) { syslog(LOG_ERR, "pfl_scan_ruleset: ioctl(DIOCGETRULES): %s", strerror(errno)); goto err; } - for (nr = pr.nr, i = 0; i < nr; i++) { - pr.nr = i; - if (pfctl_get_rule(dev, pr.nr, pr.ticket, pr.anchor, - PF_PASS, &rule, pr.anchor_call)) { + for (nr = rules.nr, i = 0; i < nr; i++) { + if (pfctl_get_rule(dev, i, rules.ticket, path, + PF_PASS, &rule, anchor_call)) { syslog(LOG_ERR, "pfl_scan_ruleset: ioctl(DIOCGETRULE):" " %s", strerror(errno)); goto err;