git: 81eb1a733dac - main - net/miniupnpd: update to 2.3.6
Date: Wed, 29 May 2024 15:02:47 UTC
The branch main has been updated by bapt: URL: https://cgit.FreeBSD.org/ports/commit/?id=81eb1a733dacc201a8264908cc0bb7053fdaa8e3 commit 81eb1a733dacc201a8264908cc0bb7053fdaa8e3 Author: Kristof Provost <kp@FreeBSD.org> AuthorDate: 2024-05-08 08:39:08 +0000 Commit: Baptiste Daroussin <bapt@FreeBSD.org> CommitDate: 2024-05-29 15:02:08 +0000 net/miniupnpd: update to 2.3.6 PR: 273207 PR: https://redmine.pfsense.org/issues/15470 Sponsored by: Rubicon Communications, LLC ("Netgate") --- net/miniupnpd/Makefile | 5 +- net/miniupnpd/distinfo | 6 +- net/miniupnpd/files/patch-pf_obsdrdr.c | 164 ++++++++++++++++++++++++------- net/miniupnpd/files/patch-pf_pfpinhole.c | 88 +++++++++++++---- 4 files changed, 201 insertions(+), 62 deletions(-) diff --git a/net/miniupnpd/Makefile b/net/miniupnpd/Makefile index 5a4fbb0bdcf4..cce1a2539cb1 100644 --- a/net/miniupnpd/Makefile +++ b/net/miniupnpd/Makefile @@ -1,6 +1,5 @@ PORTNAME= miniupnpd -DISTVERSION= 2.3.3 -PORTREVISION= 3 +DISTVERSION= 2.3.6 PORTEPOCH= 1 CATEGORIES= net @@ -18,7 +17,7 @@ CPE_VENDOR= miniupnp_project USE_GITHUB= yes GH_ACCOUNT= miniupnp GH_PROJECT= miniupnp -GH_TAGNAME= e439318 +GH_TAGNAME= miniupnpd_2_3_6 USE_RC_SUBR= miniupnpd diff --git a/net/miniupnpd/distinfo b/net/miniupnpd/distinfo index 5dea730d0c4b..1d7be071d12b 100644 --- a/net/miniupnpd/distinfo +++ b/net/miniupnpd/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1683175217 -SHA256 (miniupnp-miniupnp-2.3.3-e439318_GH0.tar.gz) = 9324cd00db2d203f0f09e15d8556ff63b40de09bfa755b2b9a64856e146b3b44 -SIZE (miniupnp-miniupnp-2.3.3-e439318_GH0.tar.gz) = 454838 +TIMESTAMP = 1715155832 +SHA256 (miniupnp-miniupnp-2.3.6-miniupnpd_2_3_6_GH0.tar.gz) = 6e5ee2239030486675f558cc840d154e5e2db9517efc96c5b0ab2b2c34c1a128 +SIZE (miniupnp-miniupnp-2.3.6-miniupnpd_2_3_6_GH0.tar.gz) = 462607 diff --git a/net/miniupnpd/files/patch-pf_obsdrdr.c b/net/miniupnpd/files/patch-pf_obsdrdr.c index 0f245db26a1b..a13e3888ed46 100644 --- a/net/miniupnpd/files/patch-pf_obsdrdr.c 
+++ b/net/miniupnpd/files/patch-pf_obsdrdr.c @@ -1,4 +1,4 @@ ---- pf/obsdrdr.c.orig 2023-02-17 03:09:33 UTC +--- pf/obsdrdr.c.orig 2024-03-19 23:41:25 UTC +++ pf/obsdrdr.c @@ -64,6 +64,8 @@ #include <stdio.h> @@ -9,7 +9,7 @@ #include "../macros.h" #include "config.h" #include "obsdrdr.h" -@@ -154,7 +156,7 @@ init_redirect(void) +@@ -155,7 +157,7 @@ init_redirect(void) int init_redirect(void) { @@ -18,7 +18,7 @@ if(dev>=0) shutdown_redirect(); dev = open("/dev/pf", O_RDWR); -@@ -162,14 +164,16 @@ init_redirect(void) +@@ -163,14 +165,16 @@ init_redirect(void) syslog(LOG_ERR, "open(\"/dev/pf\"): %m"); return -1; } @@ -37,23 +37,33 @@ return 0; } -@@ -464,6 +468,7 @@ delete_nat_rule(const char * ifname, unsigned short ip - { - int i, n; +@@ -471,6 +475,7 @@ delete_nat_rule(const char * ifname, unsigned short ip + int i, n, r; + unsigned int tnum; struct pfioc_rule pr; + struct pfctl_rule rule; UNUSED(ifname); if(dev<0) { syslog(LOG_ERR, "pf device is not open"); -@@ -486,19 +491,19 @@ delete_nat_rule(const char * ifname, unsigned short ip +@@ -486,7 +491,7 @@ delete_nat_rule(const char * ifname, unsigned short ip + #endif + if(ioctl(dev, DIOCGETRULES, &pr) < 0) + { +- syslog(LOG_ERR, "ioctl(dev, DIOCGETRULES, ...): %m"); ++ syslog(LOG_ERR, "ioctl(dev, DIOCGETRULES, ...) (%s:%d): %m", __func__, __LINE__); + return -1; + } + n = pr.nr; +@@ -497,7 +502,7 @@ delete_nat_rule(const char * ifname, unsigned short ip for(i=0; i<n; i++) { pr.nr = i; - if(ioctl(dev, DIOCGETRULE, &pr) < 0) -+ if (pfctl_get_rule(dev, i, pr.ticket, pr.anchor, pr.action, &rule, pr.anchor_call) < 0) ++ if (pfctl_get_rule(dev, i, pr.ticket, pr.anchor, PF_NAT, &rule, pr.anchor_call) != 0) { syslog(LOG_ERR, "ioctl(dev, DIOCGETRULE): %m"); - goto error; + r = -1; +@@ -505,12 +510,12 @@ delete_nat_rule(const char * ifname, unsigned short ip } #ifdef TEST syslog(LOG_DEBUG, "%2d port=%hu proto=%d addr=%8x %8x", 
@@ -71,23 +81,58 @@ { pr.action = PF_CHANGE_GET_TICKET; if(ioctl(dev, DIOCCHANGERULE, &pr) < 0) -@@ -843,6 +848,7 @@ get_redirect_rule(const char * ifname, unsigned short +@@ -842,7 +847,7 @@ get_redirect_rule_count(const char * ifname) + #endif + if(ioctl(dev, DIOCGETRULES, &pr) < 0) + { +- syslog(LOG_ERR, "ioctl(dev, DIOCGETRULES, ...): %m"); ++ syslog(LOG_ERR, "ioctl(dev, DIOCGETRULES, ...) (%s:%d): %m", __func__, __LINE__); + return -1; + } + release_ticket(dev, pr.ticket); +@@ -863,7 +868,9 @@ get_redirect_rule(const char * ifname, unsigned short { - int i, n; - struct pfioc_rule pr; + int i, n, r; + unsigned int tnum; +- struct pfioc_rule pr; ++ struct pfctl_rules_info info; + struct pfctl_rule rule; ++ char anchor_call[MAXPATHLEN]; #ifndef PF_NEWSTYLE struct pfioc_pooladdr pp; #endif -@@ -866,37 +872,37 @@ get_redirect_rule(const char * ifname, unsigned short +@@ -873,63 +880,57 @@ get_redirect_rule(const char * ifname, unsigned short + syslog(LOG_ERR, "pf device is not open"); + return -1; + } +- memset(&pr, 0, sizeof(pr)); +- strlcpy(pr.anchor, anchor_name, MAXPATHLEN); +-#ifndef PF_NEWSTYLE +- pr.rule.action = PF_RDR; +-#endif +- if(ioctl(dev, DIOCGETRULES, &pr) < 0) ++ if (pfctl_get_rules_info(dev, &info, PF_RDR, anchor_name) != 0) + { +- syslog(LOG_ERR, "ioctl(dev, DIOCGETRULES, ...): %m"); ++ syslog(LOG_ERR, "ioctl(dev, DIOCGETRULES, ...) (%s:%d): %m", __func__, __LINE__); + return -1; + } +- n = pr.nr; ++ n = info.nr; + #ifdef PF_RELEASETICKETS +- tnum = pr.ticket; ++ tnum = info.ticket; + #endif /* PF_RELEASETICKETS */ + r = -2; for(i=0; i<n; i++) { - pr.nr = i; +- pr.nr = i; - if(ioctl(dev, DIOCGETRULE, &pr) < 0) -+ if (pfctl_get_rule(dev, i, pr.ticket, pr.anchor, pr.action, &rule, pr.anchor_call) < 0) ++ if (pfctl_get_rule(dev, i, info.ticket, anchor_name, PF_RDR, &rule, anchor_call) != 0) { syslog(LOG_ERR, "ioctl(dev, DIOCGETRULE): %m"); - goto error; + r = -1; + break; } #ifdef __APPLE__ - if( (eport == ntohs(pr.rule.dst.xport.range.port[0])) 
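Review bot: In get_redirect_rule the failure branch of `pfctl_get_rules_info(dev, &info, PF_RDR, anchor_name) != 0` still logs `"ioctl(dev, DIOCGETRULES, ...) (%s:%d): %m"`, so the message names a call that is no longer made there and takes its reason from errno. Whether libpfctl leaves the failure reason in errno or only in its return value is not visible on this page; if it is only in the return value, `%m` can print an unrelated error, which makes rule-lookup failures harder to triage from syslog. If the return value is an errno code, consider capturing it and logging it directly, e.g. `int e = pfctl_get_rules_info(dev, &info, PF_RDR, anchor_name);` and then `syslog(LOG_ERR, "pfctl_get_rules_info() (%s:%d): %s", __func__, __LINE__, strerror(e));`. The same applies to the `"ioctl(dev, DIOCGETRULE): %m"` messages that follow each `pfctl_get_rule` call in this file. get_redirect_rule's body continues outside the hunk.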
@@ -130,7 +175,15 @@ #endif #ifndef PF_NEWSTYLE memset(&pp, 0, sizeof(pp)); -@@ -928,15 +934,15 @@ get_redirect_rule(const char * ifname, unsigned short + strlcpy(pp.anchor, anchor_name, MAXPATHLEN); + pp.r_action = PF_RDR; + pp.r_num = i; +- pp.ticket = pr.ticket; ++ pp.ticket = info.ticket; + if(ioctl(dev, DIOCGETADDRS, &pp) < 0) + { + syslog(LOG_ERR, "ioctl(dev, DIOCGETADDRS, ...): %m"); +@@ -957,15 +958,15 @@ get_redirect_rule(const char * ifname, unsigned short iaddr, iaddrlen); #endif #else @@ -149,7 +202,7 @@ #endif { rhost[0] = '\0'; /* empty string */ -@@ -944,10 +950,10 @@ get_redirect_rule(const char * ifname, unsigned short +@@ -973,10 +974,10 @@ get_redirect_rule(const char * ifname, unsigned short else { #ifdef PFVAR_NEW_STYLE @@ -162,23 +215,33 @@ rhost, rhostlen); #endif } -@@ -978,6 +984,7 @@ priv_delete_redirect_rule_check_desc(const char * ifna - { - int i, n; +@@ -1010,6 +1011,7 @@ priv_delete_redirect_rule_check_desc(const char * ifna + int i, n, r; + unsigned int tnum; struct pfioc_rule pr; + struct pfctl_rule rule; UNUSED(ifname); if(dev<0) { -@@ -998,23 +1005,23 @@ priv_delete_redirect_rule_check_desc(const char * ifna +@@ -1023,7 +1025,7 @@ priv_delete_redirect_rule_check_desc(const char * ifna + #endif + if(ioctl(dev, DIOCGETRULES, &pr) < 0) + { +- syslog(LOG_ERR, "ioctl(dev, DIOCGETRULES, ...): %m"); ++ syslog(LOG_ERR, "ioctl(dev, DIOCGETRULES, ...) (%s:%d): %m", __func__, __LINE__); + return -1; + } + n = pr.nr; +@@ -1034,24 +1036,24 @@ priv_delete_redirect_rule_check_desc(const char * ifna for(i=0; i<n; i++) { pr.nr = i; - if(ioctl(dev, DIOCGETRULE, &pr) < 0) -+ if (pfctl_get_rule(dev, i, pr.ticket, pr.anchor, pr.action, &rule, pr.anchor_call) < 0) ++ if (pfctl_get_rule(dev, i, pr.ticket, pr.anchor, PF_RDR, &rule, pr.anchor_call) != 0) { syslog(LOG_ERR, "ioctl(dev, DIOCGETRULE): %m"); - goto error; + r = -1; + break; } #ifdef __APPLE__ - if( (eport == ntohs(pr.rule.dst.xport.range.port[0])) 
@@ -201,7 +264,7 @@ if(iaddr) { /* retrieve internal address */ -@@ -1047,33 +1054,33 @@ priv_delete_redirect_rule_check_desc(const char * ifna +@@ -1087,33 +1089,33 @@ priv_delete_redirect_rule_check_desc(const char * ifna #endif } #else @@ -240,23 +303,41 @@ - (desc && 0 == strcmp(desc, pr.rule.label))) { + if((desc == NULL && rule.label[0][0] == '\0') || + (desc && 0 == strcmp(desc, rule.label[0]))) { - return 1; + r = 1; + break; } - } -@@ -1208,6 +1215,7 @@ get_redirect_rule_by_index(int index, - { - int n; +@@ -1175,7 +1177,7 @@ priv_delete_filter_rule(const char * ifname, unsigned + pr.rule.action = PF_PASS; + if(ioctl(dev, DIOCGETRULES, &pr) < 0) + { +- syslog(LOG_ERR, "ioctl(dev, DIOCGETRULES, ...): %m"); ++ syslog(LOG_ERR, "ioctl(dev, DIOCGETRULES, ...) (%s:%d): %m", __func__, __LINE__); + return -1; + } + n = pr.nr; +@@ -1275,6 +1277,7 @@ get_redirect_rule_by_index(int index, + int n, r; + unsigned int tnum; struct pfioc_rule pr; + struct pfctl_rule rule; #ifndef PF_NEWSTYLE struct pfioc_pooladdr pp; #endif -@@ -1231,36 +1239,36 @@ get_redirect_rule_by_index(int index, +@@ -1291,7 +1294,7 @@ get_redirect_rule_by_index(int index, + #endif + if(ioctl(dev, DIOCGETRULES, &pr) < 0) + { +- syslog(LOG_ERR, "ioctl(dev, DIOCGETRULES, ...): %m"); ++ syslog(LOG_ERR, "ioctl(dev, DIOCGETRULES, ...) (%s:%d): %m", __func__, __LINE__); + return -1; + } + n = pr.nr; +@@ -1302,36 +1305,36 @@ get_redirect_rule_by_index(int index, if(index >= n) goto error; pr.nr = index; - if(ioctl(dev, DIOCGETRULE, &pr) < 0) -+ if (pfctl_get_rule(dev, index, pr.ticket, pr.anchor, pr.action, &rule, pr.anchor_call) < 0) ++ if (pfctl_get_rule(dev, index, pr.ticket, pr.anchor, PF_RDR, &rule, pr.anchor_call) != 0) { syslog(LOG_ERR, "ioctl(dev, DIOCGETRULE): %m"); goto error; 
@@ -300,7 +381,7 @@ #endif #ifndef PF_NEWSTYLE memset(&pp, 0, sizeof(pp)); -@@ -1292,15 +1300,15 @@ get_redirect_rule_by_index(int index, +@@ -1363,15 +1366,15 @@ get_redirect_rule_by_index(int index, iaddr, iaddrlen); #endif #else @@ -319,7 +400,7 @@ #endif { rhost[0] = '\0'; /* empty string */ -@@ -1308,10 +1316,10 @@ get_redirect_rule_by_index(int index, +@@ -1379,10 +1382,10 @@ get_redirect_rule_by_index(int index, else { #ifdef PFVAR_NEW_STYLE @@ -332,7 +413,7 @@ rhost, rhostlen); #endif } -@@ -1334,6 +1342,7 @@ get_portmappings_in_range(unsigned short startport, un +@@ -1406,6 +1409,7 @@ get_portmappings_in_range(unsigned short startport, un int i, n; unsigned short eport; struct pfioc_rule pr; @@ -340,12 +421,21 @@ *number = 0; if(dev<0) { -@@ -1362,19 +1371,19 @@ get_portmappings_in_range(unsigned short startport, un +@@ -1426,7 +1430,7 @@ get_portmappings_in_range(unsigned short startport, un + #endif + if(ioctl(dev, DIOCGETRULES, &pr) < 0) + { +- syslog(LOG_ERR, "ioctl(dev, DIOCGETRULES, ...): %m"); ++ syslog(LOG_ERR, "ioctl(dev, DIOCGETRULES, ...) (%s:%d): %m", __func__, __LINE__); + free(array); + return NULL; + } +@@ -1437,19 +1441,19 @@ get_portmappings_in_range(unsigned short startport, un for(i=0; i<n; i++) { pr.nr = i; - if(ioctl(dev, DIOCGETRULE, &pr) < 0) -+ if (pfctl_get_rule(dev, i, pr.ticket, pr.anchor, pr.action, &rule, pr.anchor_call) < 0) ++ if (pfctl_get_rule(dev, i, pr.ticket, pr.anchor, PF_RDR, &rule, pr.anchor_call) != 0) { syslog(LOG_ERR, "ioctl(dev, DIOCGETRULE): %m"); continue; diff --git a/net/miniupnpd/files/patch-pf_pfpinhole.c b/net/miniupnpd/files/patch-pf_pfpinhole.c index 9605ab3fd4a7..9c62bd94fdd4 100644 --- a/net/miniupnpd/files/patch-pf_pfpinhole.c +++ b/net/miniupnpd/files/patch-pf_pfpinhole.c @@ -1,4 +1,4 @@ ---- pf/pfpinhole.c.orig 2023-10-30 16:24:29 UTC +--- pf/pfpinhole.c.orig 2024-03-19 23:41:25 UTC +++ pf/pfpinhole.c @@ -28,6 +28,7 @@ #include <syslog.h> 
@@ -8,21 +8,31 @@ #include "config.h" #include "pfpinhole.h" -@@ -170,6 +171,7 @@ int find_pinhole(const char * ifname, - unsigned int ts; +@@ -171,6 +172,7 @@ int find_pinhole(const char * ifname, + unsigned int ts, tnum; int i, n; struct pfioc_rule pr; + struct pfctl_rule rule; struct in6_addr saddr; struct in6_addr daddr; UNUSED(ifname); -@@ -196,21 +198,21 @@ int find_pinhole(const char * ifname, +@@ -191,7 +193,7 @@ int find_pinhole(const char * ifname, + pr.rule.action = PF_PASS; + #endif + if(ioctl(dev, DIOCGETRULES, &pr) < 0) { +- syslog(LOG_ERR, "ioctl(dev, DIOCGETRULES, ...): %m"); ++ syslog(LOG_ERR, "ioctl(dev, DIOCGETRULES, ...) (%s:%d): %m", __func__, __LINE__); + return -1; + } n = pr.nr; +@@ -200,22 +202,22 @@ int find_pinhole(const char * ifname, + #endif /* PF_RELEASETICKETS */ for(i=0; i<n; i++) { pr.nr = i; - if(ioctl(dev, DIOCGETRULE, &pr) < 0) { -+ if (pfctl_get_rule(dev, i, pr.ticket, pr.anchor, pr.action, &rule, pr.anchor_call) < 0) { ++ if (pfctl_get_rule(dev, i, pr.ticket, pr.anchor, PF_PASS, &rule, pr.anchor_call) < 0) { syslog(LOG_ERR, "ioctl(dev, DIOCGETRULE): %m"); + release_ticket(dev, tnum); return -1; } - if((proto == pr.rule.proto) && (rem_port == ntohs(pr.rule.src.port[0])) 
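Review bot: The `pfctl_get_rule(...)` calls in this patch still test the result with `< 0` (find_pinhole here, and delete_pinhole, get_pinhole_info and clean_pinhole_list in the following hunks), while the same commit changes every such call in patch-pf_obsdrdr.c to `!= 0`. If libpfctl reports failure with a positive error code, which the obsdrdr change suggests but this page does not show, a failed lookup would pass the check and the pinhole match, delete and expiry logic would run on a `rule` that was never filled in. Suggest making the four checks consistent, e.g. `if (pfctl_get_rule(dev, i, pr.ticket, pr.anchor, PF_PASS, &rule, pr.anchor_call) != 0) {`. The function bodies extend beyond these hunks.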
@@ -46,20 +56,29 @@ if(p) { p += 2; strlcpy(desc, p, desc_len); -@@ -226,6 +228,7 @@ int delete_pinhole(unsigned short uid) - { +@@ -234,6 +236,7 @@ int delete_pinhole(unsigned short uid) int i, n; + unsigned int tnum; struct pfioc_rule pr; + struct pfctl_rule rule; char label_start[PF_RULE_LABEL_SIZE]; char tmp_label[PF_RULE_LABEL_SIZE]; -@@ -247,11 +250,11 @@ int delete_pinhole(unsigned short uid) +@@ -249,7 +252,7 @@ int delete_pinhole(unsigned short uid) + pr.rule.action = PF_PASS; + #endif + if(ioctl(dev, DIOCGETRULES, &pr) < 0) { +- syslog(LOG_ERR, "ioctl(dev, DIOCGETRULES, ...): %m"); ++ syslog(LOG_ERR, "ioctl(dev, DIOCGETRULES, ...) (%s:%d): %m", __func__, __LINE__); + return -1; + } n = pr.nr; +@@ -258,11 +261,11 @@ int delete_pinhole(unsigned short uid) + #endif for(i=0; i<n; i++) { pr.nr = i; - if(ioctl(dev, DIOCGETRULE, &pr) < 0) { -+ if (pfctl_get_rule(dev, i, pr.ticket, pr.anchor, pr.action, &rule, pr.anchor_call) < 0) { ++ if (pfctl_get_rule(dev, i, pr.ticket, pr.anchor, PF_PASS, &rule, pr.anchor_call) < 0) { syslog(LOG_ERR, "ioctl(dev, DIOCGETRULE): %m"); return -1; } 
@@ -68,21 +87,31 @@ strtok(tmp_label, " "); if(0 == strcmp(tmp_label, label_start)) { pr.action = PF_CHANGE_GET_TICKET; -@@ -282,6 +285,7 @@ get_pinhole_info(unsigned short uid, - { +@@ -298,6 +301,7 @@ get_pinhole_info(unsigned short uid, int i, n; + unsigned int tnum; struct pfioc_rule pr; + struct pfctl_rule rule; char label_start[PF_RULE_LABEL_SIZE]; char tmp_label[PF_RULE_LABEL_SIZE]; char * p; -@@ -304,26 +308,26 @@ get_pinhole_info(unsigned short uid, +@@ -314,7 +318,7 @@ get_pinhole_info(unsigned short uid, + pr.rule.action = PF_PASS; + #endif + if(ioctl(dev, DIOCGETRULES, &pr) < 0) { +- syslog(LOG_ERR, "ioctl(dev, DIOCGETRULES, ...): %m"); ++ syslog(LOG_ERR, "ioctl(dev, DIOCGETRULES, ...) (%s:%d): %m", __func__, __LINE__); + return -1; + } n = pr.nr; +@@ -323,29 +327,29 @@ get_pinhole_info(unsigned short uid, + #endif for(i=0; i<n; i++) { pr.nr = i; - if(ioctl(dev, DIOCGETRULE, &pr) < 0) { -+ if (pfctl_get_rule(dev, i, pr.ticket, pr.anchor, pr.action, &rule, pr.anchor_call) < 0) { ++ if (pfctl_get_rule(dev, i, pr.ticket, pr.anchor, PF_PASS, &rule, pr.anchor_call) < 0) { syslog(LOG_ERR, "ioctl(dev, DIOCGETRULE): %m"); + release_ticket(dev, tnum); return -1; } - strlcpy(tmp_label, pr.rule.label, sizeof(tmp_label)); @@ -92,6 +121,7 @@ if(0 == strcmp(tmp_label, label_start)) { - if(rem_host && (inet_ntop(AF_INET6, &pr.rule.src.addr.v.a.addr.v6, rem_host, rem_hostlen) == NULL)) { + if(rem_host && (inet_ntop(AF_INET6, &rule.src.addr.v.a.addr.v6, rem_host, rem_hostlen) == NULL)) { + release_ticket(dev, tnum); return -1; } if(rem_port) @@ -99,6 +129,7 @@ - if(int_client && (inet_ntop(AF_INET6, &pr.rule.dst.addr.v.a.addr.v6, int_client, int_clientlen) == NULL)) { + *rem_port = ntohs(rule.src.port[0]); + if(int_client && (inet_ntop(AF_INET6, &rule.dst.addr.v.a.addr.v6, int_client, int_clientlen) == NULL)) { + release_ticket(dev, tnum); return -1; } if(int_port) 
@@ -110,7 +141,7 @@ if(timestamp) sscanf(p, "ts-%u", timestamp); if(desc) { -@@ -336,14 +340,14 @@ get_pinhole_info(unsigned short uid, +@@ -358,14 +362,14 @@ get_pinhole_info(unsigned short uid, } #ifdef PFRULE_INOUT_COUNTS if(packets) @@ -127,23 +158,33 @@ - *bytes = pr.rule.bytes; + *bytes = rule.bytes; #endif + release_ticket(dev, tnum); return 0; - } -@@ -369,6 +373,7 @@ int clean_pinhole_list(unsigned int * next_timestamp) +@@ -393,6 +397,7 @@ int clean_pinhole_list(unsigned int * next_timestamp) { int i; struct pfioc_rule pr; + struct pfctl_rule rule; time_t current_time; - unsigned int ts; + unsigned int ts, tnum; int uid; -@@ -392,16 +397,16 @@ int clean_pinhole_list(unsigned int * next_timestamp) +@@ -411,7 +416,7 @@ int clean_pinhole_list(unsigned int * next_timestamp) + pr.rule.action = PF_PASS; + #endif + if(ioctl(dev, DIOCGETRULES, &pr) < 0) { +- syslog(LOG_ERR, "ioctl(dev, DIOCGETRULES, ...): %m"); ++ syslog(LOG_ERR, "ioctl(dev, DIOCGETRULES, ...) (%s:%d): %m", __func__, __LINE__); + return -1; } + #ifdef PF_RELEASETICKETS +@@ -419,17 +424,17 @@ int clean_pinhole_list(unsigned int * next_timestamp) + #endif for(i = pr.nr - 1; i >= 0; i--) { pr.nr = i; - if(ioctl(dev, DIOCGETRULE, &pr) < 0) { -+ if (pfctl_get_rule(dev, i, pr.ticket, pr.anchor, pr.action, &rule, pr.anchor_call) < 0) { ++ if (pfctl_get_rule(dev, i, pr.ticket, pr.anchor, PF_PASS, &rule, pr.anchor_call) < 0) { syslog(LOG_ERR, "ioctl(dev, DIOCGETRULE): %m"); + release_ticket(dev, tnum); return -1; } - if(sscanf(pr.rule.label, PINEHOLE_LABEL_FORMAT_SKIPDESC, &uid, &ts) != 2) { 
@@ -158,3 +199,12 @@ pr.action = PF_CHANGE_GET_TICKET; if(ioctl(dev, DIOCCHANGERULE, &pr) < 0) { syslog(LOG_ERR, "ioctl(dev, DIOCCHANGERULE, ...) PF_CHANGE_GET_TICKET: %m"); +@@ -449,7 +454,7 @@ int clean_pinhole_list(unsigned int * next_timestamp) + #endif + release_ticket(dev, tnum); + if(ioctl(dev, DIOCGETRULES, &pr) < 0) { +- syslog(LOG_ERR, "ioctl(dev, DIOCGETRULES, ...): %m"); ++ syslog(LOG_ERR, "ioctl(dev, DIOCGETRULES, ...) (%s:%d): %m", __func__, __LINE__); + return -1; + } + #ifdef PF_RELEASETICKETS