From owner-dev-commits-src-branches@freebsd.org Mon Sep 6 10:39:25 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2476E671ED1; Mon, 6 Sep 2021 10:39:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4H34dm6ZPnz3KBY; Mon, 6 Sep 2021 10:39:24 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id C030A1D78A; Mon, 6 Sep 2021 10:39:24 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 186AdOG0039570; Mon, 6 Sep 2021 10:39:24 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 186AdO5f039569; Mon, 6 Sep 2021 10:39:24 GMT (envelope-from git) Date: Mon, 6 Sep 2021 10:39:24 GMT Message-Id: <202109061039.186AdO5f039569@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: ef082ce0edcd - stable/12 - pfctl: use libpfctl to retrieve pf status MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: ef082ce0edcdf7a49c592f9884da69cc19ab856d Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Sep 2021 10:39:25 -0000 The branch stable/12 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=ef082ce0edcdf7a49c592f9884da69cc19ab856d commit ef082ce0edcdf7a49c592f9884da69cc19ab856d Author: Kristof Provost AuthorDate: 2021-08-26 15:09:48 +0000 Commit: Kristof Provost CommitDate: 2021-09-06 08:06:50 +0000 pfctl: use libpfctl to retrieve pf status Rather than call DIOCGETSTATUS ourselves use the new libpfctl functions. MFC after: 1 week Sponsored by: Modirum MDPay Differential Revision: https://reviews.freebsd.org/D31697 (cherry picked from commit 80078d9d38fde6f146de28809640b2c7bff45a6c) --- sbin/pfctl/pfctl.c | 20 +++++++++++++------- sbin/pfctl/pfctl_parser.c | 46 ++++++++++++++++++---------------------------- sbin/pfctl/pfctl_parser.h | 4 ++-- 3 files changed, 33 insertions(+), 37 deletions(-) diff --git a/sbin/pfctl/pfctl.c b/sbin/pfctl/pfctl.c index 016075058b21..8f3698e398f6 100644 --- a/sbin/pfctl/pfctl.c +++ b/sbin/pfctl/pfctl.c @@ -1307,35 +1307,41 @@ pfctl_show_states(int dev, const char *iface, int opts) int pfctl_show_status(int dev, int opts) { - struct pf_status status; + struct pfctl_status *status; struct pfctl_syncookies cookies; - if (ioctl(dev, DIOCGETSTATUS, &status)) { + if ((status = pfctl_get_status(dev)) == NULL) { warn("DIOCGETSTATUS"); return (-1); } if (pfctl_get_syncookies(dev, &cookies)) { + pfctl_free_status(status); warn("DIOCGETSYNCOOKIES"); return (-1); } if (opts & PF_OPT_SHOWALL) pfctl_print_title("INFO:"); - print_status(&status, &cookies, opts); + print_status(status, &cookies, opts); + pfctl_free_status(status); return (0); } int pfctl_show_running(int dev) { - struct pf_status status; + struct pfctl_status *status; + int running; - if (ioctl(dev, DIOCGETSTATUS, &status)) { + if ((status = pfctl_get_status(dev)) == NULL) { warn("DIOCGETSTATUS"); return (-1); } - print_running(&status); - return (!status.running); + running = status->running; + + print_running(status); + pfctl_free_status(status); + return (!running); } int diff --git a/sbin/pfctl/pfctl_parser.c b/sbin/pfctl/pfctl_parser.c index dc2a460a087f..5ffb006df8a0 100644 --- a/sbin/pfctl/pfctl_parser.c +++ b/sbin/pfctl/pfctl_parser.c @@ -60,6 +60,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include "pfctl_parser.h" @@ -497,8 +498,9 @@ const char * const pf_fcounters[FCNT_MAX+1] = FCNT_NAMES; const char * const pf_scounters[FCNT_MAX+1] = FCNT_NAMES; void -print_status(struct pf_status *s, struct pfctl_syncookies *cookies, int opts) +print_status(struct pfctl_status *s, struct pfctl_syncookies *cookies, int opts) { + struct pfctl_status_counter *c; char statline[80], *running; time_t runtime; int i; @@ -574,56 +576,44 @@ print_status(struct pf_status *s, struct pfctl_syncookies *cookies, int opts) (unsigned long long)s->pcounters[1][1][PF_DROP]); } printf("%-27s %14s %16s\n", "State Table", "Total", "Rate"); - printf(" %-25s %14u %14s\n", "current entries", s->states, ""); - for (i = 0; i < FCNT_MAX; i++) { - printf(" %-25s %14llu ", pf_fcounters[i], - (unsigned long long)s->fcounters[i]); + printf(" %-25s %14" PRIu64 " %14s\n", "current entries", s->states, ""); + TAILQ_FOREACH(c, &s->fcounters, entry) { + printf(" %-25s %14lu ", c->name, c->counter); if (runtime > 0) printf("%14.1f/s\n", - (double)s->fcounters[i] / (double)runtime); + (double)c->counter / (double)runtime); else printf("%14s\n", ""); } if (opts & PF_OPT_VERBOSE) { printf("Source Tracking Table\n"); - printf(" %-25s %14u %14s\n", "current entries", + printf(" %-25s %14" PRIu64 " %14s\n", "current entries", s->src_nodes, ""); - for (i = 0; i < SCNT_MAX; i++) { - printf(" %-25s %14lld ", pf_scounters[i], -#ifdef __FreeBSD__ - (long long)s->scounters[i]); -#else - s->scounters[i]); -#endif + TAILQ_FOREACH(c, &s->scounters, entry) { + printf(" %-25s %14lu ", c->name, c->counter); if (runtime > 0) printf("%14.1f/s\n", - (double)s->scounters[i] / (double)runtime); + (double)c->counter / (double)runtime); else printf("%14s\n", ""); } } printf("Counters\n"); - for (i = 0; i < PFRES_MAX; i++) { - printf(" %-25s %14llu ", pf_reasons[i], - (unsigned long long)s->counters[i]); + TAILQ_FOREACH(c, &s->counters, entry) { + printf(" %-25s %14" PRIu64 " ", c->name, c->counter); if (runtime > 0) printf("%14.1f/s\n", - (double)s->counters[i] / (double)runtime); + (double)c->counter / (double)runtime); else printf("%14s\n", ""); } if (opts & PF_OPT_VERBOSE) { printf("Limit Counters\n"); - for (i = 0; i < LCNT_MAX; i++) { - printf(" %-25s %14lld ", pf_lcounters[i], -#ifdef __FreeBSD__ - (unsigned long long)s->lcounters[i]); -#else - s->lcounters[i]); -#endif + TAILQ_FOREACH(c, &s->lcounters, entry) { + printf(" %-25s %14" PRIu64 " ", c->name, c->counter); if (runtime > 0) printf("%14.1f/s\n", - (double)s->lcounters[i] / (double)runtime); + (double)c->counter / (double)runtime); else printf("%14s\n", ""); } @@ -636,7 +626,7 @@ print_status(struct pf_status *s, struct pfctl_syncookies *cookies, int opts) } void -print_running(struct pf_status *status) +print_running(struct pfctl_status *status) { printf("%s\n", status->running ? "Enabled" : "Disabled"); } diff --git a/sbin/pfctl/pfctl_parser.h b/sbin/pfctl/pfctl_parser.h index 0c64238ecefa..12a66e1ae710 100644 --- a/sbin/pfctl/pfctl_parser.h +++ b/sbin/pfctl/pfctl_parser.h @@ -279,8 +279,8 @@ void print_pool(struct pfctl_pool *, u_int16_t, u_int16_t, sa_family_t, int); void print_src_node(struct pf_src_node *, int); void print_rule(struct pfctl_rule *, const char *, int, int); void print_tabledef(const char *, int, int, struct node_tinithead *); -void print_status(struct pf_status *, struct pfctl_syncookies *, int); -void print_running(struct pf_status *); +void print_status(struct pfctl_status *, struct pfctl_syncookies *, int); +void print_running(struct pfctl_status *); int eval_pfaltq(struct pfctl *, struct pf_altq *, struct node_queue_bw *, struct node_queue_opt *);