Date: Mon, 6 Sep 2021 10:39:24 GMT From: Kristof Provost <kp@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: ef082ce0edcd - stable/12 - pfctl: use libpfctl to retrieve pf status Message-ID: <202109061039.186AdO5f039569@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch stable/12 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=ef082ce0edcdf7a49c592f9884da69cc19ab856d commit ef082ce0edcdf7a49c592f9884da69cc19ab856d Author: Kristof Provost <kp@FreeBSD.org> AuthorDate: 2021-08-26 15:09:48 +0000 Commit: Kristof Provost <kp@FreeBSD.org> CommitDate: 2021-09-06 08:06:50 +0000 pfctl: use libpfctl to retrieve pf status Rather than call DIOCGETSTATUS ourselves use the new libpfctl functions. MFC after: 1 week Sponsored by: Modirum MDPay Differential Revision: https://reviews.freebsd.org/D31697 (cherry picked from commit 80078d9d38fde6f146de28809640b2c7bff45a6c) --- sbin/pfctl/pfctl.c | 20 +++++++++++++------- sbin/pfctl/pfctl_parser.c | 46 ++++++++++++++++++---------------------------- sbin/pfctl/pfctl_parser.h | 4 ++-- 3 files changed, 33 insertions(+), 37 deletions(-) diff --git a/sbin/pfctl/pfctl.c b/sbin/pfctl/pfctl.c index 016075058b21..8f3698e398f6 100644 --- a/sbin/pfctl/pfctl.c +++ b/sbin/pfctl/pfctl.c @@ -1307,35 +1307,41 @@ pfctl_show_states(int dev, const char *iface, int opts) int pfctl_show_status(int dev, int opts) { - struct pf_status status; + struct pfctl_status *status; struct pfctl_syncookies cookies; - if (ioctl(dev, DIOCGETSTATUS, &status)) { + if ((status = pfctl_get_status(dev)) == NULL) { warn("DIOCGETSTATUS"); return (-1); } if (pfctl_get_syncookies(dev, &cookies)) { + pfctl_free_status(status); warn("DIOCGETSYNCOOKIES"); return (-1); } if (opts & PF_OPT_SHOWALL) pfctl_print_title("INFO:"); - print_status(&status, &cookies, opts); + print_status(status, &cookies, opts); + pfctl_free_status(status); return (0); } int pfctl_show_running(int dev) { - struct pf_status status; + struct pfctl_status *status; + int running; - if (ioctl(dev, DIOCGETSTATUS, &status)) { + if ((status = pfctl_get_status(dev)) == NULL) { warn("DIOCGETSTATUS"); return (-1); } - print_running(&status); - return (!status.running); + running = status->running; + + print_running(status); + pfctl_free_status(status); + return (!running); } int diff --git a/sbin/pfctl/pfctl_parser.c b/sbin/pfctl/pfctl_parser.c index dc2a460a087f..5ffb006df8a0 100644 --- a/sbin/pfctl/pfctl_parser.c +++ b/sbin/pfctl/pfctl_parser.c @@ -60,6 +60,7 @@ __FBSDID("$FreeBSD$"); #include <errno.h> #include <err.h> #include <ifaddrs.h> +#include <inttypes.h> #include <unistd.h> #include "pfctl_parser.h" @@ -497,8 +498,9 @@ const char * const pf_fcounters[FCNT_MAX+1] = FCNT_NAMES; const char * const pf_scounters[FCNT_MAX+1] = FCNT_NAMES; void -print_status(struct pf_status *s, struct pfctl_syncookies *cookies, int opts) +print_status(struct pfctl_status *s, struct pfctl_syncookies *cookies, int opts) { + struct pfctl_status_counter *c; char statline[80], *running; time_t runtime; int i; @@ -574,56 +576,44 @@ print_status(struct pf_status *s, struct pfctl_syncookies *cookies, int opts) (unsigned long long)s->pcounters[1][1][PF_DROP]); } printf("%-27s %14s %16s\n", "State Table", "Total", "Rate"); - printf(" %-25s %14u %14s\n", "current entries", s->states, ""); - for (i = 0; i < FCNT_MAX; i++) { - printf(" %-25s %14llu ", pf_fcounters[i], - (unsigned long long)s->fcounters[i]); + printf(" %-25s %14" PRIu64 " %14s\n", "current entries", s->states, ""); + TAILQ_FOREACH(c, &s->fcounters, entry) { + printf(" %-25s %14lu ", c->name, c->counter); if (runtime > 0) printf("%14.1f/s\n", - (double)s->fcounters[i] / (double)runtime); + (double)c->counter / (double)runtime); else printf("%14s\n", ""); } if (opts & PF_OPT_VERBOSE) { printf("Source Tracking Table\n"); - printf(" %-25s %14u %14s\n", "current entries", + printf(" %-25s %14" PRIu64 " %14s\n", "current entries", s->src_nodes, ""); - for (i = 0; i < SCNT_MAX; i++) { - printf(" %-25s %14lld ", pf_scounters[i], -#ifdef __FreeBSD__ - (long long)s->scounters[i]); -#else - s->scounters[i]); -#endif + TAILQ_FOREACH(c, &s->scounters, entry) { + printf(" %-25s %14lu ", c->name, c->counter); if (runtime > 0) printf("%14.1f/s\n", - (double)s->scounters[i] / (double)runtime); + (double)c->counter / (double)runtime); else printf("%14s\n", ""); } } printf("Counters\n"); - for (i = 0; i < PFRES_MAX; i++) { - printf(" %-25s %14llu ", pf_reasons[i], - (unsigned long long)s->counters[i]); + TAILQ_FOREACH(c, &s->counters, entry) { + printf(" %-25s %14" PRIu64 " ", c->name, c->counter); if (runtime > 0) printf("%14.1f/s\n", - (double)s->counters[i] / (double)runtime); + (double)c->counter / (double)runtime); else printf("%14s\n", ""); } if (opts & PF_OPT_VERBOSE) { printf("Limit Counters\n"); - for (i = 0; i < LCNT_MAX; i++) { - printf(" %-25s %14lld ", pf_lcounters[i], -#ifdef __FreeBSD__ - (unsigned long long)s->lcounters[i]); -#else - s->lcounters[i]); -#endif + TAILQ_FOREACH(c, &s->lcounters, entry) { + printf(" %-25s %14" PRIu64 " ", c->name, c->counter); if (runtime > 0) printf("%14.1f/s\n", - (double)s->lcounters[i] / (double)runtime); + (double)c->counter / (double)runtime); else printf("%14s\n", ""); } @@ -636,7 +626,7 @@ print_status(struct pf_status *s, struct pfctl_syncookies *cookies, int opts) } void -print_running(struct pf_status *status) +print_running(struct pfctl_status *status) { printf("%s\n", status->running ? "Enabled" : "Disabled"); } diff --git a/sbin/pfctl/pfctl_parser.h b/sbin/pfctl/pfctl_parser.h index 0c64238ecefa..12a66e1ae710 100644 --- a/sbin/pfctl/pfctl_parser.h +++ b/sbin/pfctl/pfctl_parser.h @@ -279,8 +279,8 @@ void print_pool(struct pfctl_pool *, u_int16_t, u_int16_t, sa_family_t, int); void print_src_node(struct pf_src_node *, int); void print_rule(struct pfctl_rule *, const char *, int, int); void print_tabledef(const char *, int, int, struct node_tinithead *); -void print_status(struct pf_status *, struct pfctl_syncookies *, int); -void print_running(struct pf_status *); +void print_status(struct pfctl_status *, struct pfctl_syncookies *, int); +void print_running(struct pfctl_status *); int eval_pfaltq(struct pfctl *, struct pf_altq *, struct node_queue_bw *, struct node_queue_opt *);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202109061039.186AdO5f039569>