summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMike Belopuhov <mikeb@cvs.openbsd.org>2014-08-12 14:38:29 +0000
committerMike Belopuhov <mikeb@cvs.openbsd.org>2014-08-12 14:38:29 +0000
commit99edf338501e4acb8e169deac8b7c0395abc547b (patch)
tree7fc093da7ca4cd2aefd0616ca6e36500930faa07
parentf747bae8b72b15496d505ce9e9d3953ad5a422a1 (diff)
Apart from some minor code reshuffling the big change is that we
start with a ruleset pointer assigned to pf_main_ruleset so that pf_purge_rule doesn't get called with a NULL. Prompted by the discussion with Alexandr Nedvedicky <alexandr ! nedvedicky at oracle ! com>. OK henning
-rw-r--r--sys/net/pf.c3
-rw-r--r--sys/net/pf_ioctl.c11
2 files changed, 5 insertions, 9 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c
index a5d9aadbf33..dae2d8b24da 100644
--- a/sys/net/pf.c
+++ b/sys/net/pf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf.c,v 1.883 2014/07/22 11:06:09 mpi Exp $ */
+/* $OpenBSD: pf.c,v 1.884 2014/08/12 14:38:27 mikeb Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -3165,6 +3165,7 @@ pf_test_rule(struct pf_pdesc *pd, struct pf_rule **rm, struct pf_state **sm,
#endif /* INET6 */
}
+ ruleset = &pf_main_ruleset;
r = TAILQ_FIRST(pf_main_ruleset.rules.active.ptr);
while (r != NULL) {
r->evaluations++;
diff --git a/sys/net/pf_ioctl.c b/sys/net/pf_ioctl.c
index 735ff7d6ffd..a4dba038b8d 100644
--- a/sys/net/pf_ioctl.c
+++ b/sys/net/pf_ioctl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf_ioctl.c,v 1.274 2014/07/22 11:06:09 mpi Exp $ */
+/* $OpenBSD: pf_ioctl.c,v 1.275 2014/08/12 14:38:28 mikeb Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -309,20 +309,15 @@ pf_rm_rule(struct pf_rulequeue *rulequeue, struct pf_rule *rule)
void
pf_purge_rule(struct pf_ruleset *ruleset, struct pf_rule *rule)
{
- u_int32_t nr;
+ u_int32_t nr = 0;
- if (ruleset == NULL || ruleset->anchor == NULL)
- return;
+ KASSERT(ruleset != NULL && rule != NULL);
pf_rm_rule(ruleset->rules.active.ptr, rule);
ruleset->rules.active.rcount--;
-
- nr = 0;
TAILQ_FOREACH(rule, ruleset->rules.active.ptr, entries)
rule->nr = nr++;
-
ruleset->rules.active.ticket++;
-
pf_calc_skip_steps(ruleset->rules.active.ptr);
pf_remove_if_empty_ruleset(ruleset);
}