Date: Wed, 2 Mar 2022 16:01:05 GMT
Message-Id: <202203021601.222G15Yk091480@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
From: Kristof Provost
Subject: git: 6ea1c3cfc899 - main - pfctl: support flushing ethernet rules
List-Id: Commit messages for the main branch of the src repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main
X-Git-Committer: kp
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 6ea1c3cfc89905b0f703b5d549b481fa0718a1a7

The branch main has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=6ea1c3cfc89905b0f703b5d549b481fa0718a1a7

commit
6ea1c3cfc89905b0f703b5d549b481fa0718a1a7 Author: Kristof Provost AuthorDate: 2022-01-17 16:38:28 +0000 Commit: Kristof Provost CommitDate: 2022-03-02 16:00:07 +0000 pfctl: support flushing ethernet rules Sponsored by: Rubicon Communications, LLC ("Netgate") --- sbin/pfctl/pfctl.8 | 2 ++ sbin/pfctl/pfctl.c | 24 +++++++++++++++++++++++- 2 files changed, 25 insertions(+), 1 deletion(-) diff --git a/sbin/pfctl/pfctl.8 b/sbin/pfctl/pfctl.8 index f61feef8bc16..95d098f6d585 100644 --- a/sbin/pfctl/pfctl.8 +++ b/sbin/pfctl/pfctl.8 @@ -212,6 +212,8 @@ Flush the filter parameters specified by Flush the NAT rules. .It Fl F Cm queue Flush the queue rules. +.It Fl F Cm ethernet +Flush the Ethernet filter rules. .It Fl F Cm rules Flush the filter rules. .It Fl F Cm states diff --git a/sbin/pfctl/pfctl.c b/sbin/pfctl/pfctl.c index bec37b0bf85f..89b546a1b9e2 100644 --- a/sbin/pfctl/pfctl.c +++ b/sbin/pfctl/pfctl.c @@ -75,6 +75,7 @@ int pfctl_get_skip_ifaces(void); int pfctl_check_skip_ifaces(char *); int pfctl_adjust_skip_ifaces(struct pfctl *); int pfctl_clear_interface_flags(int, int); +int pfctl_clear_eth_rules(int, int, char *); int pfctl_clear_rules(int, int, char *); int pfctl_clear_nat(int, int, char *); int pfctl_clear_altq(int, int); @@ -227,7 +228,8 @@ static const struct { static const char * const clearopt_list[] = { "nat", "queue", "rules", "Sources", - "states", "info", "Tables", "osfp", "all", NULL + "states", "info", "Tables", "osfp", "all", + "ethernet", NULL }; static const char * const showopt_list[] = { 
@@ -457,6 +459,22 @@ pfctl_clear_interface_flags(int dev, int opts) return (0); } +int +pfctl_clear_eth_rules(int dev, int opts, char *anchorname) +{ + struct pfr_buffer t; + + memset(&t, 0, sizeof(t)); + t.pfrb_type = PFRB_TRANS; + if (pfctl_add_trans(&t, PF_RULESET_ETH, anchorname) || + pfctl_trans(dev, &t, DIOCXBEGIN, 0) || + pfctl_trans(dev, &t, DIOCXCOMMIT, 0)) + err(1, "pfctl_clear_eth_rules"); + if ((opts & PF_OPT_QUIET) == 0) + fprintf(stderr, "Ethernet rules cleared\n"); + return (0); +} + int pfctl_clear_rules(int dev, int opts, char *anchorname) { @@ -2873,6 +2891,9 @@ main(int argc, char *argv[]) "be modified from the command line"); switch (*clearopt) { + case 'e': + pfctl_clear_eth_rules(dev, opts, anchorname); + break; case 'r': pfctl_clear_rules(dev, opts, anchorname); break; @@ -2892,6 +2913,7 @@ main(int argc, char *argv[]) pfctl_clear_stats(dev, opts); break; case 'a': + pfctl_clear_eth_rules(dev, opts, anchorname); pfctl_clear_rules(dev, opts, anchorname); pfctl_clear_nat(dev, opts, anchorname); pfctl_clear_tables(anchorname, opts);
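
Review bot: the sbin/pfctl/pfctl.8 hunk (@@ -212,6 +212,8) documents `-F ethernet` on its own, but it does not mention that `-F all` now flushes the Ethernet ruleset as well, which the last pfctl.c hunk introduces by calling `pfctl_clear_eth_rules()` from `case 'a':`. Operators who script `-F all` would lose layer-2 filtering without a documented hint; if the `all` entry in the man page describes what it flushes, it should be updated in the same commit, and the commit message (currently only a subject line) could state the behaviour change.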
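
Review bot: in the new `pfctl_clear_eth_rules()` (pfctl.c hunk @@ -457,6 +459,22), the three calls chained with `||` share a single `err(1, "pfctl_clear_eth_rules")`, so the error output cannot tell whether `pfctl_add_trans()`, the `DIOCXBEGIN` step or the `DIOCXCOMMIT` step failed. Splitting the checks, or at least naming the failing step in the message, would make a failed flush easier to diagnose. The function is also declared `int` yet can only return 0, since every failure path exits through `err()`; a short comment saying so, or a `void` return, would make that explicit to callers.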
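
Review bot: in `case 'a':` of the last pfctl.c hunk (@@ -2892,6 +2913,7), `pfctl_clear_eth_rules(dev, opts, anchorname);` is placed first, and that function exits through `err(1, ...)` on any transaction failure, so a failed Ethernet flush stops `-F all` before `pfctl_clear_rules()`, `pfctl_clear_nat()` and `pfctl_clear_tables()` run. If an Ethernet ruleset failure should not block flushing the remaining rulesets, move the call to the end of the case or have the function report the error and return non-zero instead of exiting; if aborting is intended, a one-line comment here would record that. The diffstat also lists only pfctl.8 and pfctl.c, so a regression test covering both `-F ethernet` and `-F all` would be a useful follow-up.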