set/update the queue IDs on filter rules (qid and pqid) on

-DIOCCHANGERULE (just the affected rule)
-DIOCCOMMITRULES (all filter rules that get committed - one anchor or main rs)
-DIOCCOMMITALTQS (all filter rules, main set plus all anchors)

This fixes a whole bunch of issues.
previously, this was done in userland at load time. This worked fine for the
usual case, full ruleset load. It did not work inside anchors, as the queue
name <-> queue ID mapping is unknown there. Also, if the queue definitions
were changed without reloading the rules too (pfctl -A), the queue IDs on
the rules were not updated.
The three ioctls mentioned above are all entry points where the mapping is
touched.

helpful discussion with dhartmei@ and cedric@ helped verifying my approach
for this fix was right.

ok dhartmei@ cedric@

1 files changed, 3 insertions, 1 deletions

diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h
index 6bbf3182de8..c732bdf4174 100644
--- a/sys/net/pfvar.h
+++ b/sys/net/pfvar.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pfvar.h,v 1.139 2003/04/09 15:32:59 cedric Exp $ */
+/*	$OpenBSD: pfvar.h,v 1.140 2003/04/11 14:40:57 henning Exp $ */
 
 /*
  * Copyright (c) 2001 Daniel Hartmeier
@@ -961,6 +961,8 @@ extern int			 pf_dynaddr_setup(struct pf_addr_wrap *,
 extern void			 pf_dynaddr_copyout(struct pf_addr_wrap *);
 extern void			 pf_dynaddr_remove(struct pf_addr_wrap *);
 extern void			 pf_calc_skip_steps(struct pf_rulequeue *);
+extern void			 pf_rule_set_qid(struct pf_rulequeue *);
+extern u_int32_t		 pf_qname_to_qid(char *);
 extern void			 pf_update_anchor_rules(void);
 extern struct pool		 pf_tree_pl, pf_rule_pl, pf_addr_pl;
 extern struct pool		 pf_state_pl, pf_altq_pl, pf_pooladdr_pl;