diff options
| author | Cedric Berger <cedric@cvs.openbsd.org> | 2003-01-09 10:40:46 +0000 |
|---|---|---|
| committer | Cedric Berger <cedric@cvs.openbsd.org> | 2003-01-09 10:40:46 +0000 |
| commit | ef9a4fa0481b3db31c30b68a6257c7a03c593c18 (patch) | |
| tree | 1f05dbe8255eb7156a2b2e4a4b80524c15b16b6e /sys/net/pf_ioctl.c | |
| parent | f3ba1b333f3d2c3a0007a91bf2ec133aae943748 (diff) | |
Add support for active/inactive tablesets in the kernel.
Add table definition/initialisation construct in pfctl parser.
Add and fix documentation for pf.4 and pf.conf.5.
Tested on i386 and sparc64 by myself, macppc by Daniel.
ok dhartmei@
Diffstat (limited to 'sys/net/pf_ioctl.c')
| -rw-r--r-- | sys/net/pf_ioctl.c | 38 |
1 files changed, 37 insertions, 1 deletions
diff --git a/sys/net/pf_ioctl.c b/sys/net/pf_ioctl.c index 6f75f10f72c..d1c2e0fb39e 100644 --- a/sys/net/pf_ioctl.c +++ b/sys/net/pf_ioctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_ioctl.c,v 1.45 2003/01/07 00:21:07 dhartmei Exp $ */ +/* $OpenBSD: pf_ioctl.c,v 1.46 2003/01/09 10:40:44 cedric Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -706,6 +706,8 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p) bcopy(rule, &pr->rule, sizeof(struct pf_rule)); pf_dynaddr_copyout(&pr->rule.src.addr); pf_dynaddr_copyout(&pr->rule.dst.addr); + pf_tbladdr_copyout(&pr->rule.src.addr); + pf_tbladdr_copyout(&pr->rule.dst.addr); for (i = 0; i < PF_SKIP_COUNT; ++i) if (rule->skip[i].ptr == NULL) pr->rule.skip[i].nr = -1; @@ -1755,6 +1757,15 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p) break; } + case DIOCRSETTFLAGS: { + struct pfioc_table *io = (struct pfioc_table *)addr; + + error = pfr_set_tflags(io->pfrio_buffer, io->pfrio_size, + io->pfrio_setflag, io->pfrio_clrflag, &io->pfrio_nchange, + &io->pfrio_nadd, io->pfrio_flags); + break; + } + case DIOCRCLRADDRS: { struct pfioc_table *io = (struct pfioc_table *)addr; @@ -1820,6 +1831,31 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p) break; } + case DIOCRINABEGIN: { + struct pfioc_table *io = (struct pfioc_table *)addr; + + error = pfr_ina_begin(&io->pfrio_ticket, &io->pfrio_ndel, + io->pfrio_flags); + break; + } + + case DIOCRINACOMMIT: { + struct pfioc_table *io = (struct pfioc_table *)addr; + + error = pfr_ina_commit(io->pfrio_ticket, &io->pfrio_nadd, + &io->pfrio_nchange, io->pfrio_flags); + break; + } + + case DIOCRINADEFINE: { + struct pfioc_table *io = (struct pfioc_table *)addr; + + error = pfr_ina_define(&io->pfrio_table, io->pfrio_buffer, + io->pfrio_size, &io->pfrio_nadd, &io->pfrio_naddr, + io->pfrio_ticket, io->pfrio_flags); + break; + } + default: error = ENODEV; break; |