git: ddd08375c855 - main - pf (t)ftp-proxy: use libpfctl instead of DIOCGETSTATUS
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 31 Aug 2023 08:56:41 UTC
The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=ddd08375c85576b49fb9a34968ba2c2f4f8d56cf commit ddd08375c85576b49fb9a34968ba2c2f4f8d56cf Author: Kristof Provost <kp@FreeBSD.org> AuthorDate: 2023-08-29 15:00:44 +0000 Commit: Kristof Provost <kp@FreeBSD.org> CommitDate: 2023-08-31 08:56:31 +0000 pf (t)ftp-proxy: use libpfctl instead of DIOCGETSTATUS Prefer libpfctl functions over direct access to the ioctl whenever possible. This will allow subsequent removal of DIOCGETSTATUS (in 15) as there already is an nvlist-based alternative. MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D41647 --- contrib/pf/ftp-proxy/filter.c | 9 ++++++--- contrib/pf/tftp-proxy/filter.c | 9 ++++++--- 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/contrib/pf/ftp-proxy/filter.c b/contrib/pf/ftp-proxy/filter.c index e4787985e99f..4277e079f3be 100644 --- a/contrib/pf/ftp-proxy/filter.c +++ b/contrib/pf/ftp-proxy/filter.c @@ -169,7 +169,7 @@ do_rollback(void) void init_filter(const char *opt_qname, const char *opt_tagname, int opt_verbose) { - struct pf_status status; + struct pfctl_status *status; qname = opt_qname; tagname = opt_tagname; @@ -182,10 +182,13 @@ init_filter(const char *opt_qname, const char *opt_tagname, int opt_verbose) dev = open("/dev/pf", O_RDWR); if (dev == -1) err(1, "open /dev/pf"); - if (ioctl(dev, DIOCGETSTATUS, &status) == -1) + status = pfctl_get_status(dev); + if (status == NULL) err(1, "DIOCGETSTATUS"); - if (!status.running) + if (!status->running) errx(1, "pf is disabled"); + + pfctl_free_status(status); } int diff --git a/contrib/pf/tftp-proxy/filter.c b/contrib/pf/tftp-proxy/filter.c index 1689d3465fd3..966628464d28 100644 --- a/contrib/pf/tftp-proxy/filter.c +++ b/contrib/pf/tftp-proxy/filter.c @@ -173,7 +173,7 @@ do_rollback(void) void init_filter(char *opt_qname, int opt_verbose) { - struct pf_status status; + struct pfctl_status *status; qname = opt_qname; @@ -187,14 +187,17 @@ init_filter(char *opt_qname, int opt_verbose) syslog(LOG_ERR, "can't open /dev/pf"); exit(1); } - if (ioctl(dev, DIOCGETSTATUS, &status) == -1) { + status = pfctl_get_status(dev); + if (status == NULL) { syslog(LOG_ERR, "DIOCGETSTATUS"); exit(1); } - if (!status.running) { + if (!status->running) { syslog(LOG_ERR, "pf is disabled"); exit(1); } + + pfctl_free_status(status); } int