git: db306b0b412a - stable/12 - pf: add pf_find_state_all_exists

Wed Jul 14 14:58:00 UTC 2021

The branch stable/12 has been updated by mjg:

URL: https://cgit.FreeBSD.org/src/commit/?id=db306b0b412a0d14c8a25ab5194c82106a09d0e2

commit db306b0b412a0d14c8a25ab5194c82106a09d0e2
Author:     Mateusz Guzik <mjg at FreeBSD.org>
AuthorDate: 2021-07-08 13:11:57 +0000
Commit:     Mateusz Guzik <mjg at FreeBSD.org>
CommitDate: 2021-07-14 14:55:35 +0000

    pf: add pf_find_state_all_exists
    
    Reviewed by:    kp
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    
    (cherry picked from commit 19d6e29b872232c47190344f3dfded2f73edd8ae)
---
 sys/net/pfvar.h        |  2 ++
 sys/netpfil/pf/pf.c    |  9 +++++++++
 sys/netpfil/pf/pf_lb.c | 10 ++++------
 3 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h
index d327451d869a..b2c4231f29cc 100644
--- a/sys/net/pfvar.h
+++ b/sys/net/pfvar.h
@@ -1589,6 +1589,8 @@ pf_release_staten(struct pf_kstate *s, u_int n)
 extern struct pf_kstate		*pf_find_state_byid(uint64_t, uint32_t);
 extern struct pf_kstate		*pf_find_state_all(struct pf_state_key_cmp *,
 				    u_int, int *);
+extern bool			pf_find_state_all_exists(struct pf_state_key_cmp *,
+				    u_int);
 extern struct pf_ksrc_node	*pf_find_src_node(struct pf_addr *,
 				    struct pf_krule *, sa_family_t, int);
 extern void			 pf_unlink_src_node(struct pf_ksrc_node *);
diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c
index 5f201c1228eb..6cabec0fdeaa 100644
--- a/sys/netpfil/pf/pf.c
+++ b/sys/netpfil/pf/pf.c
@@ -1453,6 +1453,15 @@ second_run:
 	return (ret);
 }
 
+bool
+pf_find_state_all_exists(struct pf_state_key_cmp *key, u_int dir)
+{
+	struct pf_kstate *s;
+
+	s = pf_find_state_all(key, dir, NULL);
+	return (s != NULL);
+}
+
 /* END state table stuff */
 
 static void
diff --git a/sys/netpfil/pf/pf_lb.c b/sys/netpfil/pf/pf_lb.c
index 8160166edc95..b7079c47308a 100644
--- a/sys/netpfil/pf/pf_lb.c
+++ b/sys/netpfil/pf/pf_lb.c
@@ -244,13 +244,13 @@ pf_get_sport(sa_family_t af, u_int8_t proto, struct pf_krule *r,
 			 * (traceroute -I through nat)
 			 */
 			key.port[1] = sport;
-			if (pf_find_state_all(&key, PF_IN, NULL) == NULL) {
+			if (!pf_find_state_all_exists(&key, PF_IN)) {
 				*nport = sport;
 				return (0);
 			}
 		} else if (low == high) {
 			key.port[1] = htons(low);
-			if (pf_find_state_all(&key, PF_IN, NULL) == NULL) {
+			if (!pf_find_state_all_exists(&key, PF_IN)) {
 				*nport = htons(low);
 				return (0);
 			}
@@ -268,8 +268,7 @@ pf_get_sport(sa_family_t af, u_int8_t proto, struct pf_krule *r,
 			/* low <= cut <= high */
 			for (tmp = cut; tmp <= high && tmp <= 0xffff; ++tmp) {
 				key.port[1] = htons(tmp);
-				if (pf_find_state_all(&key, PF_IN, NULL) ==
-				    NULL) {
+				if (!pf_find_state_all_exists(&key, PF_IN)) {
 					*nport = htons(tmp);
 					return (0);
 				}
@@ -277,8 +276,7 @@ pf_get_sport(sa_family_t af, u_int8_t proto, struct pf_krule *r,
 			tmp = cut;
 			for (tmp -= 1; tmp >= low && tmp <= 0xffff; --tmp) {
 				key.port[1] = htons(tmp);
-				if (pf_find_state_all(&key, PF_IN, NULL) ==
-				    NULL) {
+				if (!pf_find_state_all_exists(&key, PF_IN)) {
 					*nport = htons(tmp);
 					return (0);
 				}
