From nobody Wed Jun 3 13:15:41 2026 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gVp9G5w7vz6gp8Q for ; Wed, 03 Jun 2026 13:15:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gVp9G4nbgz3NXY for ; Wed, 03 Jun 2026 13:15:46 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780492546; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=c8Oh83++P9StM0zOt02q+LLqwlh3bvjIkjPp4QFtqZ8=; b=N3GmrCZQ0oi3BeCkOY4YhoAe2fDJlPi5Q+b5YoGqE3iaCtLjOXls2MJnH1A6QWi875mWU4 FfJrwq54W+ZHgGhfRDW3IlEp+Axyk3lG7jCEuYOBGeY7uC991mPKF9msVHT32BieAf2Qrw VDK0x6ExdGKEew5Cg3VfXLEIh/pLQRrUaiNU9FtX6uHqiB3uxNiDkANuxw+d5Sa9roX5M7 lu0aiVREuMi7oWNx7iGApsQRnB99vvPryHHUEIRNx9WKWuWQrAgpYvsRfrMKtyoh0nQ7j3 BszRLKlfoXlX55I6kJVuTBzdbkcVg5ia9T+Rg3BBRUQ7hewocTVy0/LspFc2IA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780492546; a=rsa-sha256; cv=none; b=LRmE8CBsHXPGbLyhU3HR+7i9JPcMQDhvsdSOTbqBQyeHiqZpP+KjvYWznvLtX4JKEw4ais Phm9wDt8sCPuvqtOS1HvDLDCo/fC8yVdlTX+yaPbX0rbPakIu3csXuYW3M+avKmGM8SqZX OSEJSyJ/EhIiNN8QpumYGivH3493F6X1P1DrLeRMtUPbJNABdlbBjtYWKT80OIHZivikXM i1kdNNnVwwuSeYNyhHtqpeIiCofAcUxlT9nko6csWmTmwT30lsm6vTlcpRyPXtna8orecd TXjOWIImIKlrxVZPD/F8R7tHcPhGN2dJ1tNx1S/uEGa0n1r0ZbYrTqYAQVqwSg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780492546; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=c8Oh83++P9StM0zOt02q+LLqwlh3bvjIkjPp4QFtqZ8=; b=B/qDRU0S2TYTHZISYuP630XiQA7B8L0nPQ25Qeknr44pad9YM1/X0u+mBz2fctQSEBCLED 4N7AvPMcQJYHM/FCOX9AU6m6Wa9dL3DGEzrkNAZJZxYHxU0GRacgBtVEfsF6toe9CT+eT6 TCQKCIJpp2nXKrzXDVypOjG9G9Ra+uMinXVOmoYlyJjqQZTru9jQTYNb3z2+bpya9jOFoE Qvoi3TAump1xXWOt157fEprB2uT3NYN0007z38EAFTAYwSeCHTXiawFEbSImT2eD7pXEIr j4ake4EtnlqsxXb5juwxiyhzLdv0XZHdENPP88whhfNo/bA9bw7GWKFB4WRP5Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gVp9G49M0z1B5w for ; Wed, 03 Jun 2026 13:15:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 30559 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 03 Jun 2026 13:15:41 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Cc: Ishan Agrawal From: Kristof Provost Subject: git: 017690e50913 - main - netpfil: add PF netlink command decoding support List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 017690e509134422dbfa80316eab56d8d3f87065 Auto-Submitted: auto-generated Date: Wed, 03 Jun 2026 13:15:41 +0000 Message-Id: <6a2028fd.30559.3287a30@gitrepo.freebsd.org> The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=017690e509134422dbfa80316eab56d8d3f87065 commit 017690e509134422dbfa80316eab56d8d3f87065 Author: Ishan Agrawal AuthorDate: 2026-06-01 12:24:05 +0000 Commit: Kristof Provost CommitDate: 2026-06-03 08:52:06 +0000 netpfil: add PF netlink command decoding support Convert PFNL_CMD values in pf_nl.h from an enum to #define constants, add a pfnl_cmd table definition for mktable, and implement the corresponding command decoding helpers in libsysdecode. This allows mktable to generate PF netlink command lookup tables and enables symbolic decoding of PF netlink commands. Reviewed by: kp Signed-off-by: Ishan Agrawal Sponsored by: Google LLC (GSoC 2026) --- lib/libsysdecode/flags.c | 8 ++++ lib/libsysdecode/mktables | 1 + lib/libsysdecode/sysdecode.h | 1 + sys/netpfil/pf/pf_nl.h | 103 +++++++++++++++++++++---------------------- 4 files changed, 61 insertions(+), 52 deletions(-) diff --git a/lib/libsysdecode/flags.c b/lib/libsysdecode/flags.c index f8e26e6a9dae..8009a7a2f97e 100644 --- a/lib/libsysdecode/flags.c +++ b/lib/libsysdecode/flags.c @@ -69,6 +69,7 @@ #include #include #include +#include #include "support.h" @@ -1207,3 +1208,10 @@ sysdecode_itimer(int which) return (lookup_value(itimerwhich, which)); } + +const char * +sysdecode_pfnl_cmd(int cmd) +{ + + return (lookup_value(pfnl_cmd, cmd)); +} diff --git a/lib/libsysdecode/mktables b/lib/libsysdecode/mktables index 6b4f79402660..2bfbaf529f44 100644 --- a/lib/libsysdecode/mktables +++ b/lib/libsysdecode/mktables @@ -170,6 +170,7 @@ else fi gen_table "shmflags" "SHM_[A-Z_]+[[:space:]]+0x[0-9]+" "sys/mman.h" "SHM_ANON" gen_table "itimerwhich" "ITIMER_[A-Z]+[[:space:]]+[0-9]+" "sys/time.h" +gen_table "pfnl_cmd" "PFNL_CMD_[A-Z_]+[[:space:]]+[0-9]+" "netpfil/pf/pf_nl.h" # Generate a .depend file for our output file if [ -n "$output_file" ]; then diff --git a/lib/libsysdecode/sysdecode.h b/lib/libsysdecode/sysdecode.h index dad9d447478c..4675b1e3c463 100644 --- a/lib/libsysdecode/sysdecode.h +++ b/lib/libsysdecode/sysdecode.h @@ -66,6 +66,7 @@ const char *sysdecode_ipproto(int _protocol); void sysdecode_kevent_fflags(FILE *_fp, short _filter, int _fflags, int _base); const char *sysdecode_itimer(int _which); +const char *sysdecode_pfnl_cmd(int cmd); const char *sysdecode_kevent_filter(int _filter); bool sysdecode_kevent_flags(FILE *_fp, int _flags, int *_rem); const char *sysdecode_kldsym_cmd(int _cmd); diff --git a/sys/netpfil/pf/pf_nl.h b/sys/netpfil/pf/pf_nl.h index 4d0186ea86a5..34ad5be75917 100644 --- a/sys/netpfil/pf/pf_nl.h +++ b/sys/netpfil/pf/pf_nl.h @@ -34,58 +34,57 @@ #define PFNL_FAMILY_NAME "pfctl" /* available commands */ -enum { - PFNL_CMD_UNSPEC = 0, - PFNL_CMD_GETSTATES = 1, - PFNL_CMD_GETCREATORS = 2, - PFNL_CMD_START = 3, - PFNL_CMD_STOP = 4, - PFNL_CMD_ADDRULE = 5, - PFNL_CMD_GETRULES = 6, - PFNL_CMD_GETRULE = 7, - PFNL_CMD_CLRSTATES = 8, - PFNL_CMD_KILLSTATES = 9, - PFNL_CMD_SET_STATUSIF = 10, - PFNL_CMD_GET_STATUS = 11, - PFNL_CMD_CLEAR_STATUS = 12, - PFNL_CMD_NATLOOK = 13, - PFNL_CMD_SET_DEBUG = 14, - PFNL_CMD_SET_TIMEOUT = 15, - PFNL_CMD_GET_TIMEOUT = 16, - PFNL_CMD_SET_LIMIT = 17, - PFNL_CMD_GET_LIMIT = 18, - PFNL_CMD_BEGIN_ADDRS = 19, - PFNL_CMD_ADD_ADDR = 20, - PFNL_CMD_GET_ADDRS = 21, - PFNL_CMD_GET_ADDR = 22, - PFNL_CMD_GET_RULESETS = 23, - PFNL_CMD_GET_RULESET = 24, - PFNL_CMD_GET_SRCNODES = 25, - PFNL_CMD_CLEAR_TABLES = 26, - PFNL_CMD_ADD_TABLE = 27, - PFNL_CMD_DEL_TABLE = 28, - PFNL_CMD_GET_TSTATS = 29, - PFNL_CMD_CLR_TSTATS = 30, - PFNL_CMD_CLR_ADDRS = 31, - PFNL_CMD_TABLE_ADD_ADDR = 32, - PFNL_CMD_TABLE_DEL_ADDR = 33, - PFNL_CMD_TABLE_SET_ADDR = 34, - PFNL_CMD_TABLE_GET_ADDR = 35, - PFNL_CMD_TABLE_GET_ASTATS = 36, - PFNL_CMD_TABLE_CLEAR_ASTATS = 37, - PFNL_CMD_STATE_LIMITER_ADD = 38, - PFNL_CMD_STATE_LIMITER_GET = 39, - PFNL_CMD_STATE_LIMITER_NGET = 40, - PFNL_CMD_SOURCE_LIMITER_ADD = 41, - PFNL_CMD_SOURCE_LIMITER_GET = 42, - PFNL_CMD_SOURCE_LIMITER_NGET = 43, - PFNL_CMD_SOURCE_GET = 44, - PFNL_CMD_SOURCE_NGET = 45, - PFNL_CMD_SOURCE_CLEAR = 46, - PFNL_CMD_TABLE_TEST_ADDRS = 47, - __PFNL_CMD_MAX, -}; -#define PFNL_CMD_MAX (__PFNL_CMD_MAX -1) +#define PFNL_CMD_UNSPEC 0 +#define PFNL_CMD_GETSTATES 1 +#define PFNL_CMD_GETCREATORS 2 +#define PFNL_CMD_START 3 +#define PFNL_CMD_STOP 4 +#define PFNL_CMD_ADDRULE 5 +#define PFNL_CMD_GETRULES 6 +#define PFNL_CMD_GETRULE 7 +#define PFNL_CMD_CLRSTATES 8 +#define PFNL_CMD_KILLSTATES 9 +#define PFNL_CMD_SET_STATUSIF 10 +#define PFNL_CMD_GET_STATUS 11 +#define PFNL_CMD_CLEAR_STATUS 12 +#define PFNL_CMD_NATLOOK 13 +#define PFNL_CMD_SET_DEBUG 14 +#define PFNL_CMD_SET_TIMEOUT 15 +#define PFNL_CMD_GET_TIMEOUT 16 +#define PFNL_CMD_SET_LIMIT 17 +#define PFNL_CMD_GET_LIMIT 18 +#define PFNL_CMD_BEGIN_ADDRS 19 +#define PFNL_CMD_ADD_ADDR 20 +#define PFNL_CMD_GET_ADDRS 21 +#define PFNL_CMD_GET_ADDR 22 +#define PFNL_CMD_GET_RULESETS 23 +#define PFNL_CMD_GET_RULESET 24 +#define PFNL_CMD_GET_SRCNODES 25 +#define PFNL_CMD_CLEAR_TABLES 26 +#define PFNL_CMD_ADD_TABLE 27 +#define PFNL_CMD_DEL_TABLE 28 +#define PFNL_CMD_GET_TSTATS 29 +#define PFNL_CMD_CLR_TSTATS 30 +#define PFNL_CMD_CLR_ADDRS 31 +#define PFNL_CMD_TABLE_ADD_ADDR 32 +#define PFNL_CMD_TABLE_DEL_ADDR 33 +#define PFNL_CMD_TABLE_SET_ADDR 34 +#define PFNL_CMD_TABLE_GET_ADDR 35 +#define PFNL_CMD_TABLE_GET_ASTATS 36 +#define PFNL_CMD_TABLE_CLEAR_ASTATS 37 +#define PFNL_CMD_STATE_LIMITER_ADD 38 +#define PFNL_CMD_STATE_LIMITER_GET 39 +#define PFNL_CMD_STATE_LIMITER_NGET 40 +#define PFNL_CMD_SOURCE_LIMITER_ADD 41 +#define PFNL_CMD_SOURCE_LIMITER_GET 42 +#define PFNL_CMD_SOURCE_LIMITER_NGET 43 +#define PFNL_CMD_SOURCE_GET 44 +#define PFNL_CMD_SOURCE_NGET 45 +#define PFNL_CMD_SOURCE_CLEAR 46 +#define PFNL_CMD_TABLE_TEST_ADDRS 47 + +#define __PFNL_CMD_MAX 48 +#define PFNL_CMD_MAX (__PFNL_CMD_MAX - 1) enum pfstate_key_type_t { PF_STK_UNSPEC,