libpfctl: handle the 'pfctl' netlink family not being supported

If we fail to find the pfctl family we should not attempt to make the call. That means that either pf is not loaded, or it's a very old (i.e. pre-netlink) version. Reported by: manu Sponsored by: Rubicon Communications, LLC ("Netgate")
2024-07-22 10:48:02 +00:00 · 2023-11-06 11:57:35 +01:00 · 2023-11-06 11:57:35 +01:00 · 497ccc21ef
parent bce728719e
commit 497ccc21ef
1 changed files with 10 additions and 0 deletions
--- a/lib/libpfctl/libpfctl.c
+++ b/lib/libpfctl/libpfctl.c
@ -189,6 +189,8 @@ pfctl_startstop(int start)

 	snl_init(&ss, NETLINK_GENERIC);
 	family_id = snl_get_genl_family(&ss, PFNL_FAMILY_NAME);
+	if (family_id == 0)
+		return (ENOTSUP);

 	snl_init_writer(&ss, &nw);
 	hdr = snl_create_genl_msg_request(&nw, family_id,
@ -1077,6 +1079,8 @@ pfctl_add_rule(int dev __unused, const struct pfctl_rule *r, const char *anchor,

 	snl_init(&ss, NETLINK_GENERIC);
 	family_id = snl_get_genl_family(&ss, PFNL_FAMILY_NAME);
+	if (family_id == 0)
+		return (ENOTSUP);

 	snl_init_writer(&ss, &nw);
 	hdr = snl_create_genl_msg_request(&nw, family_id, PFNL_CMD_ADDRULE);
@ -1213,6 +1217,9 @@ pfctl_get_creators_nl(struct snl_state *ss, uint32_t *creators, size_t *len)
 	struct nlmsghdr *hdr;
 	struct snl_writer nw;

+	if (family_id == 0)
+		return (ENOTSUP);
+
 	snl_init_writer(ss, &nw);
 	hdr = snl_create_genl_msg_request(&nw, family_id, PFNL_CMD_GETCREATORS);
 	hdr->nlmsg_flags |= NLM_F_DUMP;
@ -1363,6 +1370,9 @@ pfctl_get_states_nl(struct pfctl_state_filter *filter, struct snl_state *ss, pfc
 	struct nlmsghdr *hdr;
 	struct snl_writer nw;

+	if (family_id == 0)
+		return (ENOTSUP);
+
 	snl_init_writer(ss, &nw);
 	hdr = snl_create_genl_msg_request(&nw, family_id, PFNL_CMD_GETSTATES);
 	hdr->nlmsg_flags |= NLM_F_DUMP;