git: 1f8b1a3fac5f - main - authpf: use libpfctl to add or remove addresses to/from a table
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 08 May 2025 13:10:45 UTC
The branch main has been updated by kp:
URL: https://cgit.FreeBSD.org/src/commit/?id=1f8b1a3fac5f7fd28bd2eb09a13272774d2b6899
commit 1f8b1a3fac5f7fd28bd2eb09a13272774d2b6899
Author: Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2025-05-07 09:08:41 +0000
Commit: Kristof Provost <kp@FreeBSD.org>
CommitDate: 2025-05-08 13:10:25 +0000
authpf: use libpfctl to add or remove addresses to/from a table
Sponsored by: Rubicon Communications, LLC ("Netgate")
---
contrib/pf/authpf/authpf.c | 21 +++++++++++----------
1 file changed, 11 insertions(+), 10 deletions(-)
diff --git a/contrib/pf/authpf/authpf.c b/contrib/pf/authpf/authpf.c
index fcf9812cdcca..73cc9a7dc657 100644
--- a/contrib/pf/authpf/authpf.c
+++ b/contrib/pf/authpf/authpf.c
@@ -842,15 +842,11 @@ error:
static int
change_table(int add, const char *ip_src)
{
- struct pfioc_table io;
+ struct pfr_table tbl = { 0 };
struct pfr_addr addr;
+ int ret;
- bzero(&io, sizeof(io));
- strlcpy(io.pfrio_table.pfrt_name, tablename,
- sizeof(io.pfrio_table.pfrt_name));
- io.pfrio_buffer = &addr;
- io.pfrio_esize = sizeof(addr);
- io.pfrio_size = 1;
+ strlcpy(tbl.pfrt_name, tablename, sizeof(tbl.pfrt_name));
bzero(&addr, sizeof(addr));
if (ip_src == NULL || !ip_src[0])
@@ -866,11 +862,16 @@ change_table(int add, const char *ip_src)
return (-1);
}
- if (ioctl(pfctl_fd(pfh), add ? DIOCRADDADDRS : DIOCRDELADDRS, &io) &&
- errno != ESRCH) {
+ if (add)
+ ret = pfctl_table_add_addrs(pfctl_fd(pfh), &tbl, &addr, 1, NULL, 0);
+ else
+ ret = pfctl_table_del_addrs(pfctl_fd(pfh), &tbl, &addr, 1, NULL, 0);
+
+
+ if (ret != 0 && ret != ESRCH) {
syslog(LOG_ERR, "cannot %s %s from table %s: %s",
add ? "add" : "remove", ip_src, tablename,
- strerror(errno));
+ strerror(ret));
return (-1);
}
return (0);