From 956e7d232549ce4b17f5b1a079e5b51229479dda Mon Sep 17 00:00:00 2001
From: Kristof Provost <kp@FreeBSD.org>
Date: Mon, 29 Mar 2021 17:43:25 +0200
Subject: [PATCH] bsnmp: Use libpfctl

Reviewed by:	glebius
MFC after:	4 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D29642
---
 usr.sbin/bsnmpd/modules/snmp_pf/Makefile  | 3 +++
 usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c | 4 +++-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/usr.sbin/bsnmpd/modules/snmp_pf/Makefile b/usr.sbin/bsnmpd/modules/snmp_pf/Makefile
index fdf77191f706..3ab6e436aa75 100644
--- a/usr.sbin/bsnmpd/modules/snmp_pf/Makefile
+++ b/usr.sbin/bsnmpd/modules/snmp_pf/Makefile
@@ -9,4 +9,7 @@ XSYM=	begemotPf
 DEFS=	${MOD}_tree.def
 BMIBS=	BEGEMOT-PF-MIB.txt
 
+CFLAGS+=	-I${SRCTOP}/lib/libpfctl -I${OBJTOP}/lib/libpfctl
+LIBADD+=	pfctl
+
 .include <bsd.snmpmod.mk>
diff --git a/usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c b/usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c
index a14ab5841dfa..dc55c730bc5f 100644
--- a/usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c
+++ b/usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c
@@ -38,6 +38,7 @@
 
 #include <errno.h>
 #include <fcntl.h>
+#include <libpfctl.h>
 #include <stdint.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -1528,7 +1529,8 @@ pfl_scan_ruleset(const char *path)
 
 	for (nr = pr.nr, i = 0; i < nr; i++) {
 		pr.nr = i;
-		if (ioctl(dev, DIOCGETRULE, &pr)) {
+		if (pfctl_add_rule(dev, &pr.rule, pr.anchor, pr.anchor_call,
+		    pr.ticket, pr.pool_ticket)) {
 			syslog(LOG_ERR, "pfl_scan_ruleset: ioctl(DIOCGETRULE):"
 			    " %s", strerror(errno));
 			goto err;