Update to FreeBSD head 2018-06-01

Git mirror commit fb63610a69b0eb7f69a201ba05c4c1a7a2739cf9. Update #3472.
2025-10-14 22:56:25 +08:00 · 2018-08-21 13:47:02 +02:00
parent 2df56dbd60
commit bcdce02d9b
340 changed files with 27754 additions and 11720 deletions
--- a/freebsd/sbin/pfctl/pfctl.c
+++ b/freebsd/sbin/pfctl/pfctl.c
@@ -85,6 +85,9 @@ void	 usage(void);
 int	 pfctl_enable(int, int);
 int	 pfctl_disable(int, int);
 int	 pfctl_clear_stats(int, int);
+int	 pfctl_get_skip_ifaces(void);
+int	 pfctl_check_skip_ifaces(char *);
+int	 pfctl_clear_skip_ifaces(struct pfctl *);
 int	 pfctl_clear_interface_flags(int, int);
 int	 pfctl_clear_rules(int, int, char *);
 int	 pfctl_clear_nat(int, int, char *);
@@ -124,6 +127,7 @@ const char	*pfctl_lookup_option(char *, const char * const *);

 static struct pf_anchor_global	 pf_anchors;
 static struct pf_anchor	 pf_main_anchor;
+static struct pfr_buffer skip_b;

 static const char	*clearopt;
 static char		*rulesopt;
@@ -316,6 +320,44 @@ pfctl_clear_stats(int dev, int opts)
 	return (0);
 }

+int
+pfctl_get_skip_ifaces(void)
+{
+	bzero(&skip_b, sizeof(skip_b));
+	skip_b.pfrb_type = PFRB_IFACES;
+	for (;;) {
+		pfr_buf_grow(&skip_b, skip_b.pfrb_size);
+		skip_b.pfrb_size = skip_b.pfrb_msize;
+		if (pfi_get_ifaces(NULL, skip_b.pfrb_caddr, &skip_b.pfrb_size))
+			err(1, "pfi_get_ifaces");
+		if (skip_b.pfrb_size <= skip_b.pfrb_msize)
+			break;
+	}
+	return (0);
+}
+
+int
+pfctl_check_skip_ifaces(char *ifname)
+{
+	struct pfi_kif		*p;
+
+	PFRB_FOREACH(p, &skip_b)
+		if ((p->pfik_flags & PFI_IFLAG_SKIP) && !strcmp(ifname, p->pfik_name))
+			p->pfik_flags &= ~PFI_IFLAG_SKIP;
+	return (0);
+}
+
+int
+pfctl_clear_skip_ifaces(struct pfctl *pf)
+{
+	struct pfi_kif		*p;
+
+	PFRB_FOREACH(p, &skip_b)
+		if (p->pfik_flags & PFI_IFLAG_SKIP)
+			pfctl_set_interface_flags(pf, p->pfik_name, PFI_IFLAG_SKIP, 0);
+	return (0);
+}
+
 int
 pfctl_clear_interface_flags(int dev, int opts)
 {
@@ -1505,6 +1547,8 @@ pfctl_rules(int dev, char *filename, int opts, int optimize,
 		else
 			goto _error;
 	}
+	if (loadopt & PFCTL_FLAG_OPTION)
+		pfctl_clear_skip_ifaces(&pf);

 	if ((pf.loadopt & PFCTL_FLAG_FILTER &&
 	    (pfctl_load_ruleset(&pf, path, rs, PF_RULESET_SCRUB, 0))) ||
@@ -1915,6 +1959,7 @@ pfctl_set_interface_flags(struct pfctl *pf, char *ifname, int flags, int how)
 		} else {
 			if (ioctl(pf->dev, DIOCSETIFFLAG, &pi))
 				err(1, "DIOCSETIFFLAG");
+			pfctl_check_skip_ifaces(ifname);
 		}
 	}
 	return (0);
@@ -2405,7 +2450,7 @@ main(int argc, char *argv[])

 	if ((rulesopt != NULL) && (loadopt & PFCTL_FLAG_OPTION) &&
 	    !anchorname[0])
-		if (pfctl_clear_interface_flags(dev, opts | PF_OPT_QUIET))
+		if (pfctl_get_skip_ifaces())
 			error = 1;

 	if (rulesopt != NULL && !(opts & (PF_OPT_MERGE|PF_OPT_NOACTION)) &&
--- a/freebsd/sbin/pfctl/rtems-bsd-pfctl-namespace.h
+++ b/freebsd/sbin/pfctl/rtems-bsd-pfctl-namespace.h
@@ -79,11 +79,13 @@
 #define pfctl_add_pool _bsd_pfctl_pfctl_add_pool
 #define pfctl_add_rule _bsd_pfctl_pfctl_add_rule
 #define pfctl_addrprefix _bsd_pfctl_pfctl_addrprefix
+#define pfctl_check_skip_ifaces _bsd_pfctl_pfctl_check_skip_ifaces
 #define pfctl_clear_altq _bsd_pfctl_pfctl_clear_altq
 #define pfctl_clear_interface_flags _bsd_pfctl_pfctl_clear_interface_flags
 #define pfctl_clear_nat _bsd_pfctl_pfctl_clear_nat
 #define pfctl_clear_pool _bsd_pfctl_pfctl_clear_pool
 #define pfctl_clear_rules _bsd_pfctl_pfctl_clear_rules
+#define pfctl_clear_skip_ifaces _bsd_pfctl_pfctl_clear_skip_ifaces
 #define pfctl_clear_src_nodes _bsd_pfctl_pfctl_clear_src_nodes
 #define pfctl_clear_states _bsd_pfctl_pfctl_clear_states
 #define pfctl_clear_stats _bsd_pfctl_pfctl_clear_stats
@@ -92,6 +94,7 @@
 #define pfctl_enable _bsd_pfctl_pfctl_enable
 #define pfctl_fopen _bsd_pfctl_pfctl_fopen
 #define pfctl_get_pool _bsd_pfctl_pfctl_get_pool
+#define pfctl_get_skip_ifaces _bsd_pfctl_pfctl_get_skip_ifaces
 #define pfctl_id_kill_states _bsd_pfctl_pfctl_id_kill_states
 #define pfctl_init_options _bsd_pfctl_pfctl_init_options
 #define pfctl_kill_src_nodes _bsd_pfctl_pfctl_kill_src_nodes
--- a/freebsd/sbin/pfctl/rtems-bsd-pfctl-pfctl-data.h
+++ b/freebsd/sbin/pfctl/rtems-bsd-pfctl-pfctl-data.h
@@ -20,3 +20,4 @@ RTEMS_LINKER_RWSET_CONTENT(bsd_prog_pfctl, static int src_node_killers);
 RTEMS_LINKER_RWSET_CONTENT(bsd_prog_pfctl, static int state_killers);
 RTEMS_LINKER_RWSET_CONTENT(bsd_prog_pfctl, static struct pf_anchor pf_main_anchor);
 RTEMS_LINKER_RWSET_CONTENT(bsd_prog_pfctl, static struct pf_anchor_global pf_anchors);
+RTEMS_LINKER_RWSET_CONTENT(bsd_prog_pfctl, static struct pfr_buffer skip_b);