snmp_pf: use libpfctl's pfctl_get_rules_info() rather than DIOCGETRULES

Prefer libpfctl functions over direct access to the ioctl whenever
possible.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
Kristof Provost 2023-11-27 17:48:33 +01:00
parent 47a0b59379
commit 2905d10b39


@ -1513,24 +1513,21 @@ pfa_refresh(void)
static int
pfl_scan_ruleset(const char *path)
{
struct pfioc_rule pr;
struct pfctl_rules_info rules;
struct pfctl_rule rule;
char anchor_call[MAXPATHLEN] = "";
struct pfl_entry *e;
u_int32_t nr, i;
bzero(&pr, sizeof(pr));
strlcpy(pr.anchor, path, sizeof(pr.anchor));
pr.rule.action = PF_PASS;
if (ioctl(dev, DIOCGETRULES, &pr)) {
if (pfctl_get_rules_info(dev, &rules, PF_PASS, path)) {
syslog(LOG_ERR, "pfl_scan_ruleset: ioctl(DIOCGETRULES): %s",
strerror(errno));
goto err;
}
for (nr = pr.nr, i = 0; i < nr; i++) {
pr.nr = i;
if (pfctl_get_rule(dev, pr.nr, pr.ticket, pr.anchor,
PF_PASS, &rule, pr.anchor_call)) {
for (nr = rules.nr, i = 0; i < nr; i++) {
if (pfctl_get_rule(dev, i, rules.ticket, path,
PF_PASS, &rule, anchor_call)) {
syslog(LOG_ERR, "pfl_scan_ruleset: ioctl(DIOCGETRULE):"
" %s", strerror(errno));
goto err;