author | Stefan Rinkes <stefan.rinkes@gmail.com> | |
Sat, 16 Apr 2011 22:53:28 +0000 (00:53 +0200) | ||
committer | Stefan Rinkes <stefan.rinkes@gmail.com> | |
Sat, 16 Apr 2011 22:53:28 +0000 (00:53 +0200) |
pfutils45.c | patch | blob | history | |
pfutils45.h | patch | blob | history | |
src/pf.c | patch | blob | history |
diff --git a/pfutils45.c b/pfutils45.c
index c7efb396f618aa82e8a792de23479eee3af6a693..f8ca6e25f1e15be7f862a72337dafa21809e505e 100644 (file)
--- a/pfutils45.c
+++ b/pfutils45.c
return (buf);
}
+int
+pfctl_get_pool(int dev, struct pf_pool *pool, u_int32_t nr,
+ u_int32_t ticket, int r_action, char *anchorname)
+{
+ struct pfioc_pooladdr pp;
+ struct pf_pooladdr *pa;
+ u_int32_t pnr, mpnr;
+
+ memset(&pp, 0, sizeof(pp));
+ memcpy(pp.anchor, anchorname, sizeof(pp.anchor));
+ pp.r_action = r_action;
+ pp.r_num = nr;
+ pp.ticket = ticket;
+ if (ioctl(dev, DIOCGETADDRS, &pp)) {
+ warn("DIOCGETADDRS");
+ return (-1);
+ }
+ mpnr = pp.nr;
+ TAILQ_INIT(&pool->list);
+ for (pnr = 0; pnr < mpnr; ++pnr) {
+ pp.nr = pnr;
+ if (ioctl(dev, DIOCGETADDR, &pp)) {
+ warn("DIOCGETADDR");
+ return (-1);
+ }
+ pa = calloc(1, sizeof(struct pf_pooladdr));
+ if (pa == NULL)
+ err(1, "calloc");
+ bcopy(&pp.addr, pa, sizeof(struct pf_pooladdr));
+ TAILQ_INSERT_TAIL(&pool->list, pa, entries);
+ }
+
+ return (0);
+}
+
+void
+pfctl_move_pool(struct pf_pool *src, struct pf_pool *dst)
+{
+ struct pf_pooladdr *pa;
+
+ while ((pa = TAILQ_FIRST(&src->list)) != NULL) {
+ TAILQ_REMOVE(&src->list, pa, entries);
+ TAILQ_INSERT_TAIL(&dst->list, pa, entries);
+ }
+}
+
+void
+pfctl_clear_pool(struct pf_pool *pool)
+{
+ struct pf_pooladdr *pa;
+
+ while ((pa = TAILQ_FIRST(&pool->list)) != NULL) {
+ TAILQ_REMOVE(&pool->list, pa, entries);
+ free(pa);
+ }
+}
+
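Review bot: In pfctl_get_pool, `memcpy(pp.anchor, anchorname, sizeof(pp.anchor));` always reads sizeof(pp.anchor) bytes from the caller's pointer, so a shorter anchorname (a string literal, for instance) is over-read, whatever lies behind it is handed to the kernel in the ioctl request, and NUL termination is not guaranteed. Because pp is already zeroed by the memset, a bounded string copy is enough where strlcpy is available: `if (strlcpy(pp.anchor, anchorname, sizeof(pp.anchor)) >= sizeof(pp.anchor)) return (-1);`. The error paths need a look as well: a DIOCGETADDR failure part-way through the loop returns -1 while the entries already appended to pool->list stay allocated, so either call `pfctl_clear_pool(pool);` before that return or state in a header comment that the caller must. `err(1, "calloc")` terminates the whole process, which is too drastic if this helper runs inside a long-lived daemon; returning -1 after clearing the list would let the caller decide.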
diff --git a/pfutils45.h b/pfutils45.h
index 5294737c3b788e850780a2e266dc50cce6d6faf1..411471d060e67a53e338e53f2f16df2703bd2c59 100644 (file)
--- a/pfutils45.h
+++ b/pfutils45.h
-void print_rule(struct pf_rule *, const char *, int);
-void print_pool(struct pf_pool *, u_int16_t, u_int16_t, sa_family_t, int);
+void print_rule(struct pf_rule *, const char *, int);
+void print_pool(struct pf_pool *, u_int16_t, u_int16_t, sa_family_t, int);
+int pfctl_get_pool(int, struct pf_pool *, u_int32_t, u_int32_t, int,
+ char *);
+void pfctl_clear_pool(struct pf_pool *);
+
#define PF_NAT_PROXY_PORT_LOW 50001
#define PF_NAT_PROXY_PORT_HIGH 65535
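Review bot: pfctl_move_pool is added to pfutils45.c with external linkage but gets no prototype in this header hunk. Unless it is declared outside the visible lines, it should either be declared here, `void pfctl_move_pool(struct pf_pool *, struct pf_pool *);`, or be made `static` in the .c file. The anchor name is only read by pfctl_get_pool, so its last parameter could be `const char *` in both prototype and definition, which lets callers pass string literals without a cast. A one-line comment above the new prototypes, saying that a list filled by pfctl_get_pool must be released with pfctl_clear_pool, would put the ownership rule where callers will see it.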
diff --git a/src/pf.c b/src/pf.c
index 9b69fecfd88905d44467b4ae796f35731d17de1a..976b32f8e15fad75a7a4787f8db15e48928411e7 100644 (file)
--- a/src/pf.c
+++ b/src/pf.c
{
struct pf_status status;
- if ((pfdev = open(PF_SOCKET, O_RDWR)) == -1) {
+ if ((dev = open(PF_SOCKET, O_RDWR)) == -1) {
return (-1);
}
- if (ioctl(pfdev, DIOCGETSTATUS, &status) == -1) {
+ if (ioctl(dev, DIOCGETSTATUS, &status) == -1) {
return (-1);
}
- close(pfdev);
+ close(dev);
if (!status.running)
return (-1);
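Review bot: The `return (-1);` after a failed DIOCGETSTATUS ioctl leaves the descriptor from `open(PF_SOCKET, O_RDWR)` open, so each failed read leaks one fd and a persistent failure can eventually exhaust the process's descriptor table; the rename to `dev` leaves that path unchanged. Close before returning, e.g. `if (ioctl(dev, DIOCGETSTATUS, &status) == -1) { close(dev); return (-1); }`. The same pattern appears again in the next hunk of this file. A status read probably does not need write access to the pf device, so `O_RDONLY` would be the least-privilege choice, though this should be confirmed against the pf ioctl permission checks on the target systems. The enclosing function starts and ends outside the hunk, so the declaration of `dev` is not visible here.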
char *lnames[] = LCNT_NAMES;
char *names[] = { "searches", "inserts", "removals" };
- if ((pfdev = open(PF_SOCKET, O_RDWR)) == -1) {
+ if ((dev = open(PF_SOCKET, O_RDWR)) == -1) {
return (-1);
}
- if (ioctl(pfdev, DIOCGETSTATUS, &status) == -1) {
+ if (ioctl(dev, DIOCGETSTATUS, &status) == -1) {
return (-1);
}
- close(pfdev);
+ close(dev);
for (i = 0; i < PFRES_MAX; i++)
submit_counter("pf_counters", cnames[i], status.counters[i]);
for (i = 0; i < LCNT_MAX; i++)