authorDaniel Hartmeier <dhartmei@cvs.openbsd.org>2003-01-07 00:21:09 +0000
committerDaniel Hartmeier <dhartmei@cvs.openbsd.org>2003-01-07 00:21:09 +0000
commit0987a4276d8fcff0c0a3f9b07ac039c1f85c744c (patch)
tree7fc8e171b718da2a12e8315418ac80af328baa56 /sbin
parentf56df94d448441650adcbba06f82aea81b0d246d (diff)
Remove table name hashing (pass the name in each ioctl instead), and
introduce reference counting for tables, they are now automatically created and deleted through referencing rules. Diff partly from cedric@. ok mcbride@, henning@, cedric@
Diffstat (limited to 'sbin')
-rw-r--r--sbin/pfctl/parse.y22
-rw-r--r--sbin/pfctl/pf_print_state.c13
-rw-r--r--sbin/pfctl/pfctl.h4
-rw-r--r--sbin/pfctl/pfctl_radix.c45
-rw-r--r--sbin/pfctl/pfctl_table.c26
5 files changed, 31 insertions, 79 deletions
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y
index c3b55028a77..1c2edb43550 100644
--- a/sbin/pfctl/parse.y
+++ b/sbin/pfctl/parse.y
@@ -1,4 +1,4 @@
-/* $OpenBSD: parse.y,v 1.279 2003/01/06 11:30:10 mcbride Exp $ */
+/* $OpenBSD: parse.y,v 1.280 2003/01/07 00:21:07 dhartmei Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
@@ -1479,23 +1479,19 @@ xhost : '!' host {
host : address
| STRING '/' number { $$ = host($1, $3); }
| PORTUNARY STRING PORTUNARY {
- struct pfr_table tbl;
- int exists = 0;
-
if ($1 != PF_OP_LT || $3 != PF_OP_GT)
YYERROR;
+ if (strlen($2) >= PF_TABLE_NAME_SIZE) {
+ yyerror("table name '%s' too long");
+ YYERROR;
+ }
$$ = calloc(1, sizeof(struct node_host));
if ($$ == NULL)
err(1, "host: calloc");
- $$->af = 0;
- bzero(&tbl, sizeof(tbl));
- strlcpy(tbl.pfrt_name, $2, sizeof(tbl.pfrt_name));
- if (pfr_wrap_table(&tbl, &$$->addr, &exists, 0))
- err(1, "pfr_wrap_table");
- if (!exists)
- fprintf(stderr, "warning: %s "
- "table is not currently defined\n",
- tbl.pfrt_name);
+ $$->addr.type = PF_ADDR_TABLE;
+ strlcpy($$->addr.v.tblname, $2, PF_TABLE_NAME_SIZE);
+ $$->next = NULL;
+ $$->tail = $$;
}
;
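Review bot: The new length check calls `yyerror("table name '%s' too long");` with a `%s` conversion but no matching argument. If yyerror is printf-style, as the format string implies, it reads a variadic argument that was never passed, which is undefined behaviour and is triggered by exactly the over-long ruleset input the check is meant to reject. Pass the name explicitly: `yyerror("table name '%s' too long", $2);`. The check itself is worth keeping, since the later `strlcpy` into `$$->addr.v.tblname` would otherwise truncate silently and the rule could end up bound to a table name other than the one written in the ruleset.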
diff --git a/sbin/pfctl/pf_print_state.c b/sbin/pfctl/pf_print_state.c
index bafcc1166b5..27fb9b19cb2 100644
--- a/sbin/pfctl/pf_print_state.c
+++ b/sbin/pfctl/pf_print_state.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf_print_state.c,v 1.17 2003/01/05 22:14:23 dhartmei Exp $ */
+/* $OpenBSD: pf_print_state.c,v 1.18 2003/01/07 00:21:08 dhartmei Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -62,17 +62,10 @@ print_addr(struct pf_addr_wrap *addr, sa_family_t af)
{
char buf[48];
- if (addr->v.a.mask.addr32[0] == PF_TABLE_MASK) {
- struct pfr_table tbl = { "?" };
-
- if (pfr_unwrap_table(&tbl, addr, 0))
- printf("<0x%08X>", addr->v.a.addr.addr32[0]);
- else
- printf("<%s>", tbl.pfrt_name);
- return;
- }
if (addr->type == PF_ADDR_DYNIFTL)
printf("(%s)", addr->v.ifname);
+ else if (addr->type == PF_ADDR_TABLE)
+ printf("<%s>", addr->v.tblname);
else {
if (inet_ntop(af, &addr->v.a.addr, buf, sizeof(buf)) == NULL)
printf("?");
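Review bot: The new `PF_ADDR_TABLE` branch prints `addr->v.tblname` with an unbounded `%s`, so it relies on every producer of the struct having NUL-terminated that fixed-size field. parse.y does so through `strlcpy`, but this function presumably also prints address wraps copied back from the kernel, and nothing visible here checks termination. A bounded conversion keeps a malformed name from being read past the array: `printf("<%.*s>", PF_TABLE_NAME_SIZE - 1, addr->v.tblname);` (assuming the field is PF_TABLE_NAME_SIZE bytes, as the parse.y hunk suggests). The same applies to the `v.ifname` line just above it. print_addr continues past the end of this hunk.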
diff --git a/sbin/pfctl/pfctl.h b/sbin/pfctl/pfctl.h
index 5346ab1a949..8111f407405 100644
--- a/sbin/pfctl/pfctl.h
+++ b/sbin/pfctl/pfctl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfctl.h,v 1.2 2003/01/04 22:42:14 henning Exp $ */
+/* $OpenBSD: pfctl.h,v 1.3 2003/01/07 00:21:08 dhartmei Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -50,8 +50,6 @@ int pfr_get_addrs(struct pfr_table *, struct pfr_addr *, int *, int);
int pfr_get_astats(struct pfr_table *, struct pfr_astats *, int *, int);
int pfr_clr_astats(struct pfr_table *, struct pfr_addr *, int, int *, int);
int pfr_tst_addrs(struct pfr_table *, struct pfr_addr *, int, int *, int);
-int pfr_wrap_table(struct pfr_table *, struct pf_addr_wrap *, int *, int);
-int pfr_unwrap_table(struct pfr_table *, struct pf_addr_wrap *, int);
int pfctl_clear_tables(int);
int pfctl_show_tables(int);
int pfctl_command_tables(int, char *[], char *, char *, char *, int);
diff --git a/sbin/pfctl/pfctl_radix.c b/sbin/pfctl/pfctl_radix.c
index 08de265eb5d..d5fdb825dac 100644
--- a/sbin/pfctl/pfctl_radix.c
+++ b/sbin/pfctl/pfctl_radix.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfctl_radix.c,v 1.6 2003/01/04 00:01:34 deraadt Exp $ */
+/* $OpenBSD: pfctl_radix.c,v 1.7 2003/01/07 00:21:08 dhartmei Exp $ */
/*
* Copyright (c) 2002 Cedric Berger
@@ -337,46 +337,3 @@ pfr_tst_addrs(struct pfr_table *tbl, struct pfr_addr *addr, int size,
*nmatch = io.pfrio_nmatch;
return (0);
}
-
-int
-pfr_wrap_table(struct pfr_table *tbl, struct pf_addr_wrap *wrap,
- int *exists, int flags)
-{
- struct pfioc_table io;
-
- if (tbl == NULL) {
- errno = EINVAL;
- return -1;
- }
- bzero(&io, sizeof io);
- io.pfrio_flags = flags;
- io.pfrio_table = *tbl;
- io.pfrio_buffer = wrap;
- io.pfrio_size = wrap ? 1 : 0;
- io.pfrio_exists = exists ? 1 : 0;
- if (ioctl(dev, DIOCRWRAPTABLE, &io))
- return (-1);
- if (exists)
- *exists = io.pfrio_exists;
- return (0);
-}
-
-int
-pfr_unwrap_table(struct pfr_table *tbl, struct pf_addr_wrap *wrap, int flags)
-{
- struct pfioc_table io;
-
- if (wrap == NULL) {
- errno = EINVAL;
- return -1;
- }
- bzero(&io, sizeof io);
- io.pfrio_flags = flags;
- io.pfrio_buffer = wrap;
- io.pfrio_size = 1;
- if (ioctl(dev, DIOCRUNWRTABLE, &io))
- return (-1);
- if (tbl != NULL)
- *tbl = io.pfrio_table;
- return (0);
-}
diff --git a/sbin/pfctl/pfctl_table.c b/sbin/pfctl/pfctl_table.c
index 7db623f3771..9957718b181 100644
--- a/sbin/pfctl/pfctl_table.c
+++ b/sbin/pfctl/pfctl_table.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfctl_table.c,v 1.11 2003/01/04 00:01:34 deraadt Exp $ */
+/* $OpenBSD: pfctl_table.c,v 1.12 2003/01/07 00:21:08 dhartmei Exp $ */
/*
* Copyright (c) 2002 Cedric Berger
@@ -60,8 +60,8 @@
extern void usage(void);
static int pfctl_table(int, char *[], char *, char *, char *, int);
static void grow_buffer(int, int);
-static void print_table(struct pfr_table *);
-static void print_tstats(struct pfr_tstats *);
+static void print_table(struct pfr_table *, int);
+static void print_tstats(struct pfr_tstats *, int);
static void load_addr(int, char *[], char *, int);
static int next_token(char [], FILE *);
static void append_addr(char *, int);
@@ -181,9 +181,11 @@ pfctl_table(int argc, char *argv[], char *tname, char *command,
}
for (i = 0; i < size; i++)
if (opts & PF_OPT_VERBOSE)
- print_tstats(buffer.tstats+i);
+ print_tstats(buffer.tstats+i,
+ opts & PF_OPT_VERBOSE2);
else
- print_table(buffer.tables+i);
+ print_table(buffer.tables+i,
+ opts & PF_OPT_VERBOSE2);
} else if (!strcmp(*p, "create")) {
if (argc || file != NULL)
usage();
@@ -358,19 +360,25 @@ grow_buffer(int bs, int minsize)
}
void
-print_table(struct pfr_table *ta)
+print_table(struct pfr_table *ta, int all)
{
- printf("%s\n", ta->pfrt_name);
+ if (!all && !(ta->pfrt_flags & PFR_TFLAG_ACTIVE))
+ return;
+ printf(" %c%s\n", (ta->pfrt_flags & PFR_TFLAG_PERSIST)?'+':' ',
+ ta->pfrt_name);
}
void
-print_tstats(struct pfr_tstats *ts)
+print_tstats(struct pfr_tstats *ts, int all)
{
time_t time = ts->pfrts_tzero;
int dir, op;
- printf("%s\n", ts->pfrts_name);
+ if (!all && !(ts->pfrts_flags & PFR_TFLAG_ACTIVE))
+ return;
+ print_table(&ts->pfrts_t, all);
printf("\tAddresses: %d\n", ts->pfrts_cnt);
+ printf("\tReferences: %d\n", ts->pfrts_refcnt);
printf("\tCleared: %s", ctime(&time));
printf("\tEvaluations: [ NoMatch: %-18llu Match: %-18llu ]\n",
ts->pfrts_nomatch, ts->pfrts_match);
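Review bot: print_table and print_tstats gain an `all` parameter and a changed output format, but no comment explains either. A short header comment on print_table would cover it, e.g. `/* Print one table name, prefixed with '+' when PFR_TFLAG_PERSIST is set; tables without PFR_TFLAG_ACTIVE are skipped unless all is non-zero. */`. print_tstats repeats the active-flag test that print_table then performs on the same entry. That early return is what suppresses the statistics lines, so a one-line comment saying so would stop it being removed later as redundant. print_tstats continues past the end of this hunk.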