pfctl, libpfctl: introduce pfctl_pool
Introduce pfctl_pool to be able to extend the pool part of the pf rule without breaking the ABI. Reviewed by: kp MFC after: 4 weeks Differential Revision: https://reviews.freebsd.org/D29721
This commit is contained in:
Kurosawa Takahiro
Kristof Provost
parent
b856b51d14
commit
600bd6ce06
@ -198,7 +198,7 @@ pf_nvrule_addr_to_rule_addr(const nvlist_t *nvl, struct pf_rule_addr *addr)
|
||||
|
||||
static void
|
||||
pfctl_nv_add_pool(nvlist_t *nvparent, const char *name,
|
||||
const struct pf_pool *pool)
|
||||
const struct pfctl_pool *pool)
|
||||
{
|
||||
u_int64_t ports[2];
|
||||
nvlist_t *nvl = nvlist_create(0);
|
||||
@ -216,7 +216,7 @@ pfctl_nv_add_pool(nvlist_t *nvparent, const char *name,
|
||||
}
|
||||
|
||||
static void
|
||||
pf_nvpool_to_pool(const nvlist_t *nvl, struct pf_pool *pool)
|
||||
pf_nvpool_to_pool(const nvlist_t *nvl, struct pfctl_pool *pool)
|
||||
{
|
||||
size_t len;
|
||||
const void *data;
|
||||
|
||||
@ -38,6 +38,16 @@
|
||||
|
||||
struct pfctl_anchor;
|
||||
|
||||
struct pfctl_pool {
|
||||
struct pf_palist list;
|
||||
struct pf_pooladdr *cur;
|
||||
struct pf_poolhashkey key;
|
||||
struct pf_addr counter;
|
||||
int tblidx;
|
||||
u_int16_t proxy_port[2];
|
||||
u_int8_t opts;
|
||||
};
|
||||
|
||||
struct pfctl_rule {
|
||||
struct pf_rule_addr src;
|
||||
struct pf_rule_addr dst;
|
||||
@ -52,7 +62,7 @@ struct pfctl_rule {
|
||||
char overload_tblname[PF_TABLE_NAME_SIZE];
|
||||
|
||||
TAILQ_ENTRY(pfctl_rule) entries;
|
||||
struct pf_pool rpool;
|
||||
struct pfctl_pool rpool;
|
||||
|
||||
u_int64_t evaluations;
|
||||
u_int64_t packets[2];
|
||||
|
||||
@ -92,7 +92,7 @@ int pfctl_load_timeout(struct pfctl *, unsigned int, unsigned int);
|
||||
int pfctl_load_debug(struct pfctl *, unsigned int);
|
||||
int pfctl_load_logif(struct pfctl *, char *);
|
||||
int pfctl_load_hostid(struct pfctl *, u_int32_t);
|
||||
int pfctl_get_pool(int, struct pf_pool *, u_int32_t, u_int32_t, int,
|
||||
int pfctl_get_pool(int, struct pfctl_pool *, u_int32_t, u_int32_t, int,
|
||||
char *);
|
||||
void pfctl_print_rule_counters(struct pfctl_rule *, int);
|
||||
int pfctl_show_rules(int, char *, int, enum pfctl_show, char *, int);
|
||||
@ -805,7 +805,7 @@ pfctl_id_kill_states(int dev, const char *iface, int opts)
|
||||
}
|
||||
|
||||
int
|
||||
pfctl_get_pool(int dev, struct pf_pool *pool, u_int32_t nr,
|
||||
pfctl_get_pool(int dev, struct pfctl_pool *pool, u_int32_t nr,
|
||||
u_int32_t ticket, int r_action, char *anchorname)
|
||||
{
|
||||
struct pfioc_pooladdr pp;
|
||||
@ -840,7 +840,7 @@ pfctl_get_pool(int dev, struct pf_pool *pool, u_int32_t nr,
|
||||
}
|
||||
|
||||
void
|
||||
pfctl_move_pool(struct pf_pool *src, struct pf_pool *dst)
|
||||
pfctl_move_pool(struct pfctl_pool *src, struct pfctl_pool *dst)
|
||||
{
|
||||
struct pf_pooladdr *pa;
|
||||
|
||||
@ -851,7 +851,7 @@ pfctl_move_pool(struct pf_pool *src, struct pf_pool *dst)
|
||||
}
|
||||
|
||||
void
|
||||
pfctl_clear_pool(struct pf_pool *pool)
|
||||
pfctl_clear_pool(struct pfctl_pool *pool)
|
||||
{
|
||||
struct pf_pooladdr *pa;
|
||||
|
||||
@ -1272,7 +1272,7 @@ pfctl_show_limits(int dev, int opts)
|
||||
|
||||
/* callbacks for rule/nat/rdr/addr */
|
||||
int
|
||||
pfctl_add_pool(struct pfctl *pf, struct pf_pool *p, sa_family_t af)
|
||||
pfctl_add_pool(struct pfctl *pf, struct pfctl_pool *p, sa_family_t af)
|
||||
{
|
||||
struct pf_pooladdr *pa;
|
||||
|
||||
|
||||
@ -412,7 +412,7 @@ print_fromto(struct pf_rule_addr *src, pf_osfp_t osfp, struct pf_rule_addr *dst,
|
||||
}
|
||||
|
||||
void
|
||||
print_pool(struct pf_pool *pool, u_int16_t p1, u_int16_t p2,
|
||||
print_pool(struct pfctl_pool *pool, u_int16_t p1, u_int16_t p2,
|
||||
sa_family_t af, int id)
|
||||
{
|
||||
struct pf_pooladdr *pooladdr;
|
||||
|
||||
@ -256,9 +256,9 @@ int pfctl_optimize_ruleset(struct pfctl *, struct pfctl_ruleset *);
|
||||
|
||||
int pfctl_append_rule(struct pfctl *, struct pfctl_rule *, const char *);
|
||||
int pfctl_add_altq(struct pfctl *, struct pf_altq *);
|
||||
int pfctl_add_pool(struct pfctl *, struct pf_pool *, sa_family_t);
|
||||
void pfctl_move_pool(struct pf_pool *, struct pf_pool *);
|
||||
void pfctl_clear_pool(struct pf_pool *);
|
||||
int pfctl_add_pool(struct pfctl *, struct pfctl_pool *, sa_family_t);
|
||||
void pfctl_move_pool(struct pfctl_pool *, struct pfctl_pool *);
|
||||
void pfctl_clear_pool(struct pfctl_pool *);
|
||||
|
||||
int pfctl_set_timeout(struct pfctl *, const char *, int, int);
|
||||
int pfctl_set_optimization(struct pfctl *, const char *);
|
||||
@ -272,7 +272,7 @@ int parse_config(char *, struct pfctl *);
|
||||
int parse_flags(char *);
|
||||
int pfctl_load_anchors(int, struct pfctl *, struct pfr_buffer *);
|
||||
|
||||
void print_pool(struct pf_pool *, u_int16_t, u_int16_t, sa_family_t, int);
|
||||
void print_pool(struct pfctl_pool *, u_int16_t, u_int16_t, sa_family_t, int);
|
||||
void print_src_node(struct pf_src_node *, int);
|
||||
void print_rule(struct pfctl_rule *, const char *, int, int);
|
||||
void print_tabledef(const char *, int, int, struct node_tinithead *);
|
||||
|
||||
Loading…
Reference in New Issue
Block a user