Error out on missing table command, zap internal wrapper function

Table name and table command require each other as reflected in the
synopsis [-t table -T command [address ...]], so print usage and exit if
only one of them is given.

By moving the inter-dependence check right after option parsing is done,
we can bail out even before opening pf(4) and drop the internal wrapper
pfctl_command_tables() as unneeded indirection with now duplicate checks.

OK sashan

1 files changed, 5 insertions, 2 deletions

diff --git a/sbin/pfctl/pfctl.c b/sbin/pfctl/pfctl.c
index c8199fa61ba..78f939e76a9 100644
--- a/sbin/pfctl/pfctl.c
+++ b/sbin/pfctl/pfctl.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pfctl.c,v 1.361 2018/12/27 16:33:44 kn Exp $ */
+/*	$OpenBSD: pfctl.c,v 1.362 2019/01/02 23:08:00 kn Exp $ */
 
 /*
  * Copyright (c) 2001 Daniel Hartmeier
@@ -2482,6 +2482,9 @@ main(int argc, char *argv[])
 		}
 	}
 
+	if (tblcmdopt == NULL ^ tableopt == NULL)
+		usage();
+
 	if (tblcmdopt != NULL) {
 		argc -= optind;
 		argv += optind;
@@ -2661,7 +2664,7 @@ main(int argc, char *argv[])
 		pfctl_kill_src_nodes(dev, ifaceopt, opts);
 
 	if (tblcmdopt != NULL) {
-		error = pfctl_command_tables(argc, argv, tableopt,
+		error = pfctl_table(argc, argv, tableopt,
 		    tblcmdopt, rulesopt, anchorname, opts);
 		rulesopt = NULL;
 	}