FreeBSD Bugzilla – Attachment 151074 Details for
Bug 183198
[pf] pf tables not loaded if only used inside anchor
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
pf table reference count increment for root tables
pf.table.root.reference.patch (text/plain), 2.67 KB, created by
krichy
on 2014-12-29 17:06:20 UTC
(
hide
)
Description:
pf table reference count increment for root tables
Filename:
MIME Type:
Creator:
krichy
Created:
2014-12-29 17:06:20 UTC
Size:
2.67 KB
patch
obsolete
>diff --git a/sbin/pfctl/pfctl.c b/sbin/pfctl/pfctl.c >index 64b4a05..ed8f564 100644 >--- a/sbin/pfctl/pfctl.c >+++ b/sbin/pfctl/pfctl.c >@@ -1258,6 +1258,9 @@ pfctl_ruleset_trans(struct pfctl *pf, char *path, struct pf_anchor *a) > if (pfctl_trans(pf->dev, pf->trans, DIOCXBEGIN, osize)) > return (5); > >+ if (pf->loadopt & PFCTL_FLAG_TABLE) >+ pf->anchor->ruleset.tticket = >+ pfctl_get_ticket(pf->trans, PF_RULESET_TABLE, path); > return (0); > } > >@@ -1470,9 +1473,6 @@ pfctl_rules(int dev, char *filename, int opts, int optimize, > if (altqsupport && (pf.loadopt & PFCTL_FLAG_ALTQ)) > pa.ticket = > pfctl_get_ticket(t, PF_RULESET_ALTQ, anchorname); >- if (pf.loadopt & PFCTL_FLAG_TABLE) >- pf.astack[0]->ruleset.tticket = >- pfctl_get_ticket(t, PF_RULESET_TABLE, anchorname); > } > > if (parse_config(filename, &pf) < 0) { >diff --git a/sys/netpfil/pf/pf_table.c b/sys/netpfil/pf/pf_table.c >index 595a365..9d23add 100644 >--- a/sys/netpfil/pf/pf_table.c >+++ b/sys/netpfil/pf/pf_table.c >@@ -179,6 +179,8 @@ static int pfr_skip_table(struct pfr_table *, > struct pfr_ktable *, int); > static struct pfr_kentry > *pfr_kentry_byidx(struct pfr_ktable *, int, int); >+static void pfr_inc_ruleref_ktable(struct pfr_ktable *); >+static void pfr_dec_ruleref_ktable(struct pfr_ktable *); > > static RB_PROTOTYPE(pfr_ktablehead, pfr_ktable, pfrkt_tree, pfr_ktable_compare); > static RB_GENERATE(pfr_ktablehead, pfr_ktable, pfrkt_tree, pfr_ktable_compare); >@@ -2037,8 +2039,7 @@ pfr_attach_table(struct pf_ruleset *rs, char *name) > } > pfr_insert_ktable(kt); > } >- if (!kt->pfrkt_refcnt[PFR_REFCNT_RULE]++) >- pfr_setflags_ktable(kt, kt->pfrkt_flags|PFR_TFLAG_REFERENCED); >+ pfr_inc_ruleref_ktable(kt); > return (kt); > } > >@@ -2050,8 +2051,7 @@ pfr_detach_table(struct pfr_ktable *kt) > KASSERT(kt->pfrkt_refcnt[PFR_REFCNT_RULE] > 0, ("%s: refcount %d\n", > __func__, kt->pfrkt_refcnt[PFR_REFCNT_RULE])); > >- if (!--kt->pfrkt_refcnt[PFR_REFCNT_RULE]) >- pfr_setflags_ktable(kt, kt->pfrkt_flags&~PFR_TFLAG_REFERENCED); >+ pfr_dec_ruleref_ktable(kt); > } > > int >@@ -2178,6 +2178,26 @@ pfr_kentry_byidx(struct pfr_ktable *kt, int idx, int af) > } > } > >+static void >+pfr_inc_ruleref_ktable(struct pfr_ktable *kt) >+{ >+ if (!kt->pfrkt_refcnt[PFR_REFCNT_RULE]++) >+ pfr_setflags_ktable(kt, kt->pfrkt_flags|PFR_TFLAG_REFERENCED); >+ >+ if (kt->pfrkt_root) >+ pfr_inc_ruleref_ktable(kt->pfrkt_root); >+} >+ >+static void >+pfr_dec_ruleref_ktable(struct pfr_ktable *kt) >+{ >+ if (kt->pfrkt_root) >+ pfr_dec_ruleref_ktable(kt->pfrkt_root); >+ >+ if (!--kt->pfrkt_refcnt[PFR_REFCNT_RULE]) >+ pfr_setflags_ktable(kt, kt->pfrkt_flags&~PFR_TFLAG_REFERENCED); >+} >+ > void > pfr_dynaddr_update(struct pfr_ktable *kt, struct pfi_dynaddr *dyn) > {
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=151074">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 183198
:
151017
|
151030
|
151074
|
151094