svn commit: r318131 - stable/11/sbin/ipfw

Wed May 10 05:01:07 UTC 2017

Author: ae
Date: Wed May 10 05:01:05 2017
New Revision: 318131
URL: https://svnweb.freebsd.org/changeset/base/318131

Log:
  MFC r317682:
    Add `ipfw table all destroy` support.
  
    PR:		212669

Modified:
  stable/11/sbin/ipfw/ipfw.8
  stable/11/sbin/ipfw/tables.c
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/sbin/ipfw/ipfw.8
==============================================================================

--- stable/11/sbin/ipfw/ipfw.8	Wed May 10 03:47:22 2017	(r318130)
+++ stable/11/sbin/ipfw/ipfw.8	Wed May 10 05:01:05 2017	(r318131)
@@ -50,7 +50,9 @@ in-kernel NAT.
 .Nm
 .Oo Cm set Ar N Oc Cm table Ar name Cm create Ar create-options
 .Nm
-.Oo Cm set Ar N Oc Cm table Ar name Cm destroy
+.Oo Cm set Ar N Oc Cm table
+.Brq Ar name | all
+.Cm destroy
 .Nm
 .Oo Cm set Ar N Oc Cm table Ar name Cm modify Ar modify-options
 .Nm

Modified: stable/11/sbin/ipfw/tables.c
==============================================================================
--- stable/11/sbin/ipfw/tables.c	Wed May 10 03:47:22 2017	(r318130)
+++ stable/11/sbin/ipfw/tables.c	Wed May 10 05:01:05 2017	(r318131)
@@ -54,6 +54,7 @@ static int table_swap(ipfw_obj_header *o
 static int table_get_info(ipfw_obj_header *oh, ipfw_xtable_info *i);
 static int table_show_info(ipfw_xtable_info *i, void *arg);
 
+static int table_destroy_one(ipfw_xtable_info *i, void *arg);
 static int table_flush_one(ipfw_xtable_info *i, void *arg);
 static int table_show_one(ipfw_xtable_info *i, void *arg);
 static int table_do_get_list(ipfw_xtable_info *i, ipfw_obj_header **poh);
@@ -132,7 +133,7 @@ lookup_host (char *host, struct in_addr 
  * This one handles all table-related commands
  * 	ipfw table NAME create ...
  * 	ipfw table NAME modify ...
- * 	ipfw table NAME destroy
+ * 	ipfw table {NAME | all} destroy
  * 	ipfw table NAME swap NAME
  * 	ipfw table NAME lock
  * 	ipfw table NAME unlock
@@ -200,6 +201,7 @@ ipfw_table_handler(int ac, char *av[])
 	case TOK_INFO:
 	case TOK_DETAIL:
 	case TOK_FLUSH:
+	case TOK_DESTROY:
 		break;
 	default:
 		if (is_all != 0)
@@ -223,13 +225,21 @@ ipfw_table_handler(int ac, char *av[])
 		table_modify(&oh, ac, av);
 		break;
 	case TOK_DESTROY:
-		if (table_destroy(&oh) == 0)
-			break;
-		if (errno != ESRCH)
-			err(EX_OSERR, "failed to destroy table %s", tablename);
-		/* ESRCH isn't fatal, warn if not quiet mode */
-		if (co.do_quiet == 0)
-			warn("failed to destroy table %s", tablename);
+		if (is_all == 0) {
+			if (table_destroy(&oh) == 0)
+				break;
+			if (errno != ESRCH)
+				err(EX_OSERR, "failed to destroy table %s",
+				    tablename);
+			/* ESRCH isn't fatal, warn if not quiet mode */
+			if (co.do_quiet == 0)
+				warn("failed to destroy table %s", tablename);
+		} else {
+			error = tables_foreach(table_destroy_one, &oh, 1);
+			if (error != 0)
+				err(EX_OSERR,
+				    "failed to destroy tables list");
+		}
 		break;
 	case TOK_FLUSH:
 		if (is_all == 0) {
@@ -567,6 +577,22 @@ table_destroy(ipfw_obj_header *oh)
 	return (0);
 }
 
+static int
+table_destroy_one(ipfw_xtable_info *i, void *arg)
+{
+	ipfw_obj_header *oh;
+
+	oh = (ipfw_obj_header *)arg;
+	table_fill_ntlv(&oh->ntlv, i->tablename, i->set, 1);
+	if (table_destroy(oh) != 0) {
+		if (co.do_quiet == 0)
+			warn("failed to destroy table(%s) in set %u",
+			    i->tablename, i->set);
+		return (-1);
+	}
+	return (0);
+}
+
 /*
  * Flushes given table specified by @oh->ntlv.
  * Returns 0 on success.
