| author | Kristof Provost <kp@FreeBSD.org> | 2022-03-29 12:15:10 +0000 |
|---|---|---|
| committer | Kristof Provost <kp@FreeBSD.org> | 2022-03-30 08:28:19 +0000 |
| commit | 9bb06778f822ad6b47d2a825d47e284ca8dd29a1 (patch) | |
| tree | 6c3c6b377c805f510b2bb9871406c14e8c18aa77 /lib/libpfctl | |
| parent | 5473dee7300507de64c2e6c140b87c9bde8e4462 (diff) | |
Diffstat (limited to 'lib/libpfctl')
| -rw-r--r-- | lib/libpfctl/libpfctl.c | 75 | ||||
| -rw-r--r-- | lib/libpfctl/libpfctl.h | 14 |
2 files changed, 89 insertions, 0 deletions
diff --git a/lib/libpfctl/libpfctl.c b/lib/libpfctl/libpfctl.c
index 8f064594260b..1e1a90594210 100644
--- a/lib/libpfctl/libpfctl.c
+++ b/lib/libpfctl/libpfctl.c
@@ -623,6 +623,81 @@ pfctl_nveth_rule_to_eth_rule(const nvlist_t *nvl, struct pfctl_eth_rule *rule)
 }
 int
+pfctl_get_eth_rulesets_info(int dev, struct pfctl_eth_rulesets_info *ri,
+ const char *path)
+{
+ uint8_t buf[1024];
+ struct pfioc_nv nv;
+ nvlist_t *nvl;
+ void *packed;
+ size_t len;
+
+ bzero(ri, sizeof(*ri));
+
+ nvl = nvlist_create(0);
+ nvlist_add_string(nvl, "path", path);
+ packed = nvlist_pack(nvl, &len);
+ memcpy(buf, packed, len);
+ free(packed);
+ nvlist_destroy(nvl);
+
+ nv.data = buf;
+ nv.len = len;
+ nv.size = sizeof(buf);
+
+ if (ioctl(dev, DIOCGETETHRULESETS, &nv) != 0)
+ return (errno);
+
+ nvl = nvlist_unpack(buf, nv.len, 0);
+ if (nvl == NULL)
+ return (EIO);
+
+ ri->nr = nvlist_get_number(nvl, "nr");
+
+ nvlist_destroy(nvl);
+ return (0);
+}
+
+int
+pfctl_get_eth_ruleset(int dev, const char *path, int nr,
+ struct pfctl_eth_ruleset_info *ri)
+{
+ uint8_t buf[1024];
+ struct pfioc_nv nv;
+ nvlist_t *nvl;
+ void *packed;
+ size_t len;
+
+ bzero(ri, sizeof(*ri));
+
+ nvl = nvlist_create(0);
+ nvlist_add_string(nvl, "path", path);
+ nvlist_add_number(nvl, "nr", nr);
+ packed = nvlist_pack(nvl, &len);
+ memcpy(buf, packed, len);
+ free(packed);
+ nvlist_destroy(nvl);
+
+ nv.data = buf;
+ nv.len = len;
+ nv.size = sizeof(buf);
+
+ if (ioctl(dev, DIOCGETETHRULESET, &nv) != 0)
+ return (errno);
+
+ nvl = nvlist_unpack(buf, nv.len, 0);
+ if (nvl == NULL)
+ return (EIO);
+
+ ri->nr = nvlist_get_number(nvl, "nr");
+ strlcpy(ri->path, nvlist_get_string(nvl, "path"), MAXPATHLEN);
+ strlcpy(ri->name, nvlist_get_string(nvl, "name"),
+ PF_ANCHOR_NAME_SIZE);
+
+ return (0);
+}
+
+int
 pfctl_get_eth_rules_info(int dev, struct pfctl_eth_rules_info *rules, const char *path)
 {
diff --git a/lib/libpfctl/libpfctl.h b/lib/libpfctl/libpfctl.h
index b7f703b64def..92a1ea9b7cef 100644
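Review bot: In both new functions `memcpy(buf, packed, len)` copies the packed nvlist into the 1024-byte stack array `buf` without comparing `len` to `sizeof(buf)`, and the result of `nvlist_pack()` is never checked for NULL; because the nvlist carries the caller-supplied `path`, a long path can make the packed form larger than the buffer. The pack step should reject a NULL result and an oversized `len` before copying, as in the excerpt below (the errno values are a suggestion, not taken from the commit). Separately, `pfctl_get_eth_ruleset()` reaches `return (0);` without the `nvlist_destroy(nvl);` that `pfctl_get_eth_rulesets_info()` has, so the unpacked list is leaked on every successful call. It may also be worth guarding the `nvlist_get_number()`/`nvlist_get_string()` calls with the matching `nvlist_exists_*` checks, since libnv aborts the process when a requested key is absent.

```c
	packed = nvlist_pack(nvl, &len);
	if (packed == NULL) {
		nvlist_destroy(nvl);
		return (ENOMEM);
	}
	if (len > sizeof(buf)) {
		/* The packed request does not fit the fixed buffer. */
		free(packed);
		nvlist_destroy(nvl);
		return (ENAMETOOLONG);
	}
	memcpy(buf, packed, len);
	/* … unchanged: free(packed), nvlist_destroy(nvl), nv setup, ioctl … */
```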
--- a/lib/libpfctl/libpfctl.h
+++ b/lib/libpfctl/libpfctl.h
@@ -66,6 +66,10 @@ struct pfctl_status {
 uint64_t bcounters[2][2];
 };
+struct pfctl_eth_rulesets_info {
+ uint32_t nr;
+};
+
 struct pfctl_eth_rules_info {
 uint32_t nr;
 uint32_t ticket;
@@ -111,6 +115,12 @@ struct pfctl_eth_rule {
 };
 TAILQ_HEAD(pfctl_eth_rules, pfctl_eth_rule);
+struct pfctl_eth_ruleset_info {
+ uint32_t nr;
+ char name[PF_ANCHOR_NAME_SIZE];
+ char path[MAXPATHLEN];
+};
+
 struct pfctl_eth_ruleset {
 struct pfctl_eth_rules rules;
 struct pfctl_eth_anchor *anchor;
@@ -356,6 +366,10 @@ struct pfctl_syncookies {
 struct pfctl_status* pfctl_get_status(int dev);
 void pfctl_free_status(struct pfctl_status *status);
+int pfctl_get_eth_rulesets_info(int dev,
+ struct pfctl_eth_rulesets_info *ri, const char *path);
+int pfctl_get_eth_ruleset(int dev, const char *path, int nr,
+ struct pfctl_eth_ruleset_info *ri);
 int pfctl_get_eth_rules_info(int dev, struct pfctl_eth_rules_info *rules, const char *path);
 int pfctl_get_eth_rule(int dev, uint32_t nr, uint32_t ticket, |
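Review bot: The new prototype `pfctl_get_eth_ruleset(int dev, const char *path, int nr, ...)` in the last hunk takes the ruleset index as a signed `int`, while `struct pfctl_eth_ruleset_info` stores `uint32_t nr` and the neighbouring `pfctl_get_eth_rule()` takes `uint32_t nr`. The implementation passes this value to `nvlist_add_number()`, which takes a `uint64_t`, so a negative index would be sign-extended into a very large number instead of being rejected; declaring the parameter `uint32_t nr` would match the rest of the header. A one-line comment on the two new prototypes, such as `/* Returns 0 on success or an errno value; *ri is zeroed first. */`, would also document the contract that is currently only visible in libpfctl.c.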
