authorCedric Berger <cedric@cvs.openbsd.org>2003-07-18 06:30:08 +0000
committerCedric Berger <cedric@cvs.openbsd.org>2003-07-18 06:30:08 +0000
commit77e7750dd0a8b730545bdc854a56c0a48bc2d4dd (patch)
treeb44d9f888731d46e8e9aa99b220a913a55b5f0d9 /sbin
parentbc3eabab53e63090e81f79b5a3b4a6345465e50c (diff)
Simplify handling of flags (-R, -N...). Remove PFCTL_FLAG_ALL.
ok dhartmei@
Diffstat (limited to 'sbin')
-rw-r--r--sbin/pfctl/parse.y8
-rw-r--r--sbin/pfctl/pfctl.c59
-rw-r--r--sbin/pfctl/pfctl_parser.h3
3 files changed, 30 insertions, 40 deletions
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y
index fc539d34d38..ad3f560a797 100644
--- a/sbin/pfctl/parse.y
+++ b/sbin/pfctl/parse.y
@@ -1,4 +1,4 @@
-/* $OpenBSD: parse.y,v 1.401 2003/07/15 17:12:38 cedric Exp $ */
+/* $OpenBSD: parse.y,v 1.402 2003/07/18 06:30:06 cedric Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
@@ -860,7 +860,7 @@ tabledef : TABLE '<' STRING '>' table_opts {
PF_TABLE_NAME_SIZE - 1);
YYERROR;
}
- if (pf->loadopt & (PFCTL_FLAG_TABLE | PFCTL_FLAG_ALL))
+ if (pf->loadopt & PFCTL_FLAG_TABLE)
if (process_tabledef($3, &$5))
YYERROR;
for (ti = SIMPLEQ_FIRST(&$5.init_nodes);
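Review bot: The test added here reads `pf->loadopt`, while pfctl.c tests the global `loadopt`, and the place where one is copied into the other is not visible in this diff. With `PFCTL_FLAG_ALL` gone the global stays zero until main() applies its `loadopt = ~0` default, so a copy taken before that point would make this test, and the matching ones in expand_altq and expand_queue, skip every table and queue definition without reporting anything. It is worth confirming that the copy happens after option parsing and saying so at the assignment, for example `/* loadopt is final here: main() has already applied the default */`. The tabledef action continues outside the hunk.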
@@ -3415,7 +3415,7 @@ expand_altq(struct pf_altq *a, struct node_if *interfaces,
struct node_queue_bw bw;
int errs = 0;
- if ((pf->loadopt & (PFCTL_FLAG_ALTQ | PFCTL_FLAG_ALL)) == 0) {
+ if ((pf->loadopt & PFCTL_FLAG_ALTQ) == 0) {
FREE_LIST(struct node_if, interfaces);
FREE_LIST(struct node_queue, nqueues);
return (0);
@@ -3523,7 +3523,7 @@ expand_queue(struct pf_altq *a, struct node_if *interfaces,
u_int8_t found = 0;
u_int8_t errs = 0;
- if ((pf->loadopt & (PFCTL_FLAG_ALTQ | PFCTL_FLAG_ALL)) == 0) {
+ if ((pf->loadopt & PFCTL_FLAG_ALTQ) == 0) {
FREE_LIST(struct node_queue, nqueues);
return (0);
}
diff --git a/sbin/pfctl/pfctl.c b/sbin/pfctl/pfctl.c
index 131123fa382..c9e35ec956a 100644
--- a/sbin/pfctl/pfctl.c
+++ b/sbin/pfctl/pfctl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfctl.c,v 1.181 2003/07/11 08:29:34 cedric Exp $ */
+/* $OpenBSD: pfctl.c,v 1.182 2003/07/18 06:30:07 cedric Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -86,7 +86,7 @@ char *tableopt;
const char *tblcmdopt;
int state_killers;
char *state_kill[2];
-int loadopt = PFCTL_FLAG_ALL;
+int loadopt;
int altqsupport;
int dev = -1;
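Review bot: `loadopt` loses its initialiser here and nothing at the declaration says that zero now means "no -A/-N/-O/-R given yet" rather than "load nothing". A reader of the later tests such as `(loadopt & PFCTL_FLAG_FILTER) == 0` cannot tell from this file position that main() replaces zero before any of them run. I would add a comment above the declaration, `/* PFCTL_FLAG_* set by -A, -N, -O, -R and -T load; 0 = none given, main() then selects all */`.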
@@ -840,31 +840,31 @@ pfctl_add_rule(struct pfctl *pf, struct pf_rule *r)
switch (r->action) {
case PF_SCRUB:
- if ((loadopt & (PFCTL_FLAG_FILTER | PFCTL_FLAG_ALL)) == 0)
+ if ((loadopt & PFCTL_FLAG_FILTER) == 0)
return (0);
rs_num = PF_RULESET_SCRUB;
break;
case PF_DROP:
case PF_PASS:
- if ((loadopt & (PFCTL_FLAG_FILTER | PFCTL_FLAG_ALL)) == 0)
+ if ((loadopt & PFCTL_FLAG_FILTER) == 0)
return (0);
rs_num = PF_RULESET_FILTER;
break;
case PF_NAT:
case PF_NONAT:
- if ((loadopt & (PFCTL_FLAG_NAT | PFCTL_FLAG_ALL)) == 0)
+ if ((loadopt & PFCTL_FLAG_NAT) == 0)
return (0);
rs_num = PF_RULESET_NAT;
break;
case PF_RDR:
case PF_NORDR:
- if ((loadopt & (PFCTL_FLAG_NAT | PFCTL_FLAG_ALL)) == 0)
+ if ((loadopt & PFCTL_FLAG_NAT) == 0)
return (0);
rs_num = PF_RULESET_RDR;
break;
case PF_BINAT:
case PF_NOBINAT:
- if ((loadopt & (PFCTL_FLAG_NAT | PFCTL_FLAG_ALL)) == 0)
+ if ((loadopt & PFCTL_FLAG_NAT) == 0)
return (0);
rs_num = PF_RULESET_BINAT;
break;
@@ -892,7 +892,7 @@ int
pfctl_add_altq(struct pfctl *pf, struct pf_altq *a)
{
if (altqsupport &&
- (loadopt & (PFCTL_FLAG_ALTQ | PFCTL_FLAG_ALL)) != 0) {
+ (loadopt & PFCTL_FLAG_ALTQ) != 0) {
memcpy(&pf->paltq->altq, a, sizeof(struct pf_altq));
if ((pf->opts & PF_OPT_NOACTION) == 0) {
if (ioctl(pf->dev, DIOCADDALTQ, pf->paltq)) {
@@ -941,7 +941,7 @@ pfctl_rules(int dev, char *filename, int opts, char *anchorname,
infile = filename;
}
if ((opts & PF_OPT_NOACTION) == 0) {
- if ((loadopt & (PFCTL_FLAG_NAT | PFCTL_FLAG_ALL)) != 0) {
+ if ((loadopt & PFCTL_FLAG_NAT) != 0) {
pr[PF_RULESET_NAT].rule.action = PF_NAT;
if (ioctl(dev, DIOCBEGINRULES, &pr[PF_RULESET_NAT]))
ERR("DIOCBEGINRULES");
@@ -952,12 +952,11 @@ pfctl_rules(int dev, char *filename, int opts, char *anchorname,
if (ioctl(dev, DIOCBEGINRULES, &pr[PF_RULESET_BINAT]))
ERR("DIOCBEGINRULES");
}
- if (((altqsupport && (loadopt &
- (PFCTL_FLAG_ALTQ | PFCTL_FLAG_ALL)) != 0)) &&
+ if (((altqsupport && (loadopt & PFCTL_FLAG_ALTQ) != 0)) &&
ioctl(dev, DIOCBEGINALTQS, &pa.ticket)) {
ERR("DIOCBEGINALTQS");
}
- if ((loadopt & (PFCTL_FLAG_FILTER | PFCTL_FLAG_ALL)) != 0) {
+ if ((loadopt & PFCTL_FLAG_FILTER) != 0) {
pr[PF_RULESET_SCRUB].rule.action = PF_SCRUB;
if (ioctl(dev, DIOCBEGINRULES, &pr[PF_RULESET_SCRUB]))
ERR("DIOCBEGINRULES");
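Review bot: The rewritten ALTQ condition keeps a redundant outer pair of parentheses, and the same `altqsupport && (loadopt & PFCTL_FLAG_ALTQ) != 0` test is spelled out again for check_commit_altq and for DIOCCOMMITALTQS in the hunks at -983 and -1001. The begin and commit ioctls have to be gated by exactly the same condition, otherwise a ticket could be opened and not committed or the reverse, so I would evaluate it once, `int do_altq = altqsupport && (loadopt & PFCTL_FLAG_ALTQ) != 0;`, and test `do_altq` in all three places. pfctl_rules starts and ends outside this hunk.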
@@ -965,7 +964,7 @@ pfctl_rules(int dev, char *filename, int opts, char *anchorname,
if (ioctl(dev, DIOCBEGINRULES, &pr[PF_RULESET_FILTER]))
ERR("DIOCBEGINRULES");
}
- if (loadopt & (PFCTL_FLAG_TABLE | PFCTL_FLAG_ALL)) {
+ if (loadopt & PFCTL_FLAG_TABLE) {
if (pfr_ina_begin(&pf.tticket, NULL, 0) != 0)
ERR("begin table");
}
@@ -983,11 +982,11 @@ pfctl_rules(int dev, char *filename, int opts, char *anchorname,
pf.ruleset = rulesetname;
if (parse_rules(fin, &pf) < 0)
ERRX("Syntax error in config file: pf rules not loaded");
- if ((altqsupport && (loadopt & (PFCTL_FLAG_ALTQ | PFCTL_FLAG_ALL)) != 0))
+ if ((altqsupport && (loadopt & PFCTL_FLAG_ALTQ) != 0))
if (check_commit_altq(dev, opts) != 0)
ERRX("errors in altq config");
if ((opts & PF_OPT_NOACTION) == 0) {
- if ((loadopt & (PFCTL_FLAG_NAT | PFCTL_FLAG_ALL)) != 0) {
+ if ((loadopt & PFCTL_FLAG_NAT) != 0) {
pr[PF_RULESET_NAT].rule.action = PF_NAT;
if (ioctl(dev, DIOCCOMMITRULES, &pr[PF_RULESET_NAT]) &&
(errno != EINVAL || pf.rule_nr))
@@ -1001,11 +1000,10 @@ pfctl_rules(int dev, char *filename, int opts, char *anchorname,
(errno != EINVAL || pf.rule_nr))
ERR("DIOCCOMMITRULES BINAT");
}
- if (((altqsupport && (loadopt &
- (PFCTL_FLAG_ALTQ | PFCTL_FLAG_ALL)) != 0)) &&
+ if (((altqsupport && (loadopt & PFCTL_FLAG_ALTQ) != 0)) &&
ioctl(dev, DIOCCOMMITALTQS, &pa.ticket))
ERR("DIOCCOMMITALTQS");
- if ((loadopt & (PFCTL_FLAG_FILTER | PFCTL_FLAG_ALL)) != 0) {
+ if ((loadopt & PFCTL_FLAG_FILTER) != 0) {
pr[PF_RULESET_SCRUB].rule.action = PF_SCRUB;
if (ioctl(dev, DIOCCOMMITRULES, &pr[PF_RULESET_SCRUB]) &&
(errno != EINVAL || pf.rule_nr))
@@ -1015,7 +1013,7 @@ pfctl_rules(int dev, char *filename, int opts, char *anchorname,
(errno != EINVAL || pf.rule_nr))
ERR("DIOCCOMMITRULES FILTER");
}
- if (loadopt & (PFCTL_FLAG_TABLE | PFCTL_FLAG_ALL)) {
+ if (loadopt & PFCTL_FLAG_TABLE) {
if (pfr_ina_commit(pf.tticket, NULL, NULL, 0))
ERR("commit table");
pf.tdirty = 0;
@@ -1046,7 +1044,7 @@ pfctl_set_limit(struct pfctl *pf, const char *opt, unsigned int limit)
struct pfioc_limit pl;
int i;
- if ((loadopt & (PFCTL_FLAG_OPTION | PFCTL_FLAG_ALL)) == 0)
+ if ((loadopt & PFCTL_FLAG_OPTION) == 0)
return (0);
memset(&pl, 0, sizeof(pl));
@@ -1085,7 +1083,7 @@ pfctl_set_timeout(struct pfctl *pf, const char *opt, int seconds, int quiet)
struct pfioc_tm pt;
int i;
- if ((loadopt & (PFCTL_FLAG_OPTION | PFCTL_FLAG_ALL)) == 0)
+ if ((loadopt & PFCTL_FLAG_OPTION) == 0)
return (0);
memset(&pt, 0, sizeof(pt));
@@ -1119,7 +1117,7 @@ pfctl_set_optimization(struct pfctl *pf, const char *opt)
const struct pf_hint *hint;
int i, r;
- if ((loadopt & (PFCTL_FLAG_OPTION | PFCTL_FLAG_ALL)) == 0)
+ if ((loadopt & PFCTL_FLAG_OPTION) == 0)
return (0);
for (i = 0; pf_hints[i].name; i++)
@@ -1148,7 +1146,7 @@ pfctl_set_logif(struct pfctl *pf, char *ifname)
{
struct pfioc_if pi;
- if ((loadopt & (PFCTL_FLAG_OPTION | PFCTL_FLAG_ALL)) == 0)
+ if ((loadopt & PFCTL_FLAG_OPTION) == 0)
return (0);
memset(&pi, 0, sizeof(pi));
@@ -1339,7 +1337,6 @@ main(int argc, char *argv[])
opts |= PF_OPT_NOACTION;
break;
case 'N':
- loadopt &= ~PFCTL_FLAG_ALL;
loadopt |= PFCTL_FLAG_NAT;
break;
case 'r':
@@ -1353,15 +1350,12 @@ main(int argc, char *argv[])
opts |= PF_OPT_DEBUG;
break;
case 'A':
- loadopt &= ~PFCTL_FLAG_ALL;
loadopt |= PFCTL_FLAG_ALTQ;
break;
case 'R':
- loadopt &= ~PFCTL_FLAG_ALL;
loadopt |= PFCTL_FLAG_FILTER;
break;
case 'O':
- loadopt &= ~PFCTL_FLAG_ALL;
loadopt |= PFCTL_FLAG_OPTION;
break;
case 's':
@@ -1411,7 +1405,7 @@ main(int argc, char *argv[])
argv += optind;
ch = *tblcmdopt;
if (ch == 'l') {
- loadopt = PFCTL_FLAG_TABLE;
+ loadopt |= PFCTL_FLAG_TABLE;
tblcmdopt = NULL;
} else {
mode = strchr("acdfkrz", ch) ? O_RDWR : O_RDONLY;
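Review bot: Changing `=` to `|=` on the `-T load` path changes behaviour when that command is combined with -A, -N, -O or -R: the old assignment discarded those flags and loaded tables only, while the new line loads tables in addition to whatever the other flags select. The commit message describes only a simplification, so if the wider load is intended it should be stated at this line, for example `/* -T load adds tables to any -A/-N/-O/-R selection */`. If it is not intended, the assignment should stay as `loadopt = PFCTL_FLAG_TABLE;`.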
@@ -1426,6 +1420,8 @@ main(int argc, char *argv[])
usage();
/* NOTREACHED */
}
+ if (loadopt == 0)
+ loadopt = ~0;
memset(anchorname, 0, sizeof(anchorname));
memset(rulesetname, 0, sizeof(rulesetname));
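Review bot: `loadopt = ~0` stores -1 in a signed int and sets every bit, including 0x01 (the value PFCTL_FLAG_ALL had) and bits that have no PFCTL_FLAG_ name. The tests in this commit all mask with a single flag, so it works today, but any later comparison of `loadopt` against an exact flag set would be wrong in the default case. Naming the flags keeps the default self-describing: `loadopt = PFCTL_FLAG_FILTER | PFCTL_FLAG_NAT | PFCTL_FLAG_OPTION | PFCTL_FLAG_ALTQ | PFCTL_FLAG_TABLE;`, assuming those are all the flags, since pfctl_parser.h is only partly shown.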
@@ -1453,12 +1449,7 @@ main(int argc, char *argv[])
errx(1, "ruleset name '%s' too long", p);
free(t); /* not p */
}
- if (loadopt & PFCTL_FLAG_ALL) {
- loadopt &= ~PFCTL_FLAG_ALL;
- loadopt |= PFCTL_FLAG_FILTER;
- loadopt |= PFCTL_FLAG_NAT;
- loadopt |= PFCTL_FLAG_TABLE;
- }
+ loadopt &= PFCTL_FLAG_FILTER|PFCTL_FLAG_NAT|PFCTL_FLAG_TABLE;
}
if ((opts & PF_OPT_NOACTION) == 0) {
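Review bot: The new mask `loadopt &= PFCTL_FLAG_FILTER|PFCTL_FLAG_NAT|PFCTL_FLAG_TABLE;` can leave `loadopt` at zero, which the old code could not do. When only -O or only -A was given, the old block was skipped and the flag survived; now it is cleared, every later `loadopt & ...` test fails, and as far as these hunks show pfctl loads nothing and reports no error. An operator would see a successful exit with the ruleset unchanged, so I would follow the mask with `if (loadopt == 0) errx(1, "nothing to load for this anchor");`. The block this line closes appears to be the anchor and ruleset-name handling; its opening is outside the hunk.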
diff --git a/sbin/pfctl/pfctl_parser.h b/sbin/pfctl/pfctl_parser.h
index bcb4b8d3f2a..1079d5925c4 100644
--- a/sbin/pfctl/pfctl_parser.h
+++ b/sbin/pfctl/pfctl_parser.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfctl_parser.h,v 1.64 2003/07/11 08:29:34 cedric Exp $ */
+/* $OpenBSD: pfctl_parser.h,v 1.65 2003/07/18 06:30:07 cedric Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -189,7 +189,6 @@ struct pf_timeout {
int timeout;
};
-#define PFCTL_FLAG_ALL 0x01
#define PFCTL_FLAG_FILTER 0x02
#define PFCTL_FLAG_NAT 0x04
#define PFCTL_FLAG_OPTION 0x08