newrule
/*
 * NOTE(review): the next two lines use `newrule` as a function name, while
 * every later line uses it as a `struct pf_krule *`. Presumably they come
 * from a different file than the rest of this listing; confirm.
 */
xx: { newrule(); }
static void newrule(void);
/*
 * Everything below is a non-contiguous excerpt: one line per mention of
 * `newrule`. Branch bodies, closing braces, loop headers (`i`, `sn_type`)
 * and locking are not shown, so many conditions appear here without the
 * action they guard. Read each comment as a pointer for review of the full
 * function, not as a statement of the complete control flow.
 */
/* Both pointers start as NULL so later code can test them (see the
 * `newrule != NULL` checks further down). */
struct pf_krule *oldrule = NULL, *newrule = NULL;
/* Allocate the kernel-side rule and fill it from pcr->rule.
 * NOTE(review): pcr->rule is presumably the caller-supplied rule; if so,
 * every name, index and address family read from newrule below is
 * caller-controlled, and this conversion plus pf_rule_checkaf() are the
 * validation points. Confirm against the full source. */
newrule = pf_krule_alloc();
error = pf_rule_to_krule(&pcr->rule, newrule);
/* Early cleanup with pf_krule_free(); the guarding condition is not shown. */
pf_krule_free(newrule);
/* Address-family check; a non-zero result is stored in `error`. */
if ((error = pf_rule_checkaf(newrule))) {
pf_krule_free(newrule);
/* Non-empty interface name; the guarded statement is not shown. */
if (newrule->ifname[0])
/* Counters are set up with M_WAITOK, i.e. the allocations may sleep.
 * No result checks are visible in this excerpt. */
pf_counter_u64_init(&newrule->evaluations, M_WAITOK);
pf_counter_u64_init(&newrule->packets[i], M_WAITOK);
pf_counter_u64_init(&newrule->bytes[i], M_WAITOK);
newrule->states_cur = counter_u64_alloc(M_WAITOK);
newrule->states_tot = counter_u64_alloc(M_WAITOK);
newrule->src_nodes[sn_type] = counter_u64_alloc(M_WAITOK);
/* Record who created the rule: the real uid from the calling thread's
 * credential, and the pid of its process (0 when td_proc is NULL). */
newrule->cuid = td->td_ucred->cr_ruid;
newrule->cpid = td->td_proc ? td->td_proc->p_pid : 0;
/* Start with empty nat / rdr / route pool lists. */
TAILQ_INIT(&newrule->nat.list);
TAILQ_INIT(&newrule->rdr.list);
TAILQ_INIT(&newrule->route.list);
/* The rule is put on the global V_pf_allrulelist and flagged as linked.
 * NOTE(review): from here on the rule is reachable through that list, so
 * error paths presumably need pf_free_rule() rather than pf_krule_free();
 * confirm which cleanup each later failure takes. */
if (newrule != NULL) {
LIST_INSERT_HEAD(&V_pf_allrulelist, newrule, allrulelist);
newrule->allrulelinked = true;
/* Bind to the named interface and take a reference on it; the
 * `kif = NULL` line is presumably the no-interface branch (else not shown). */
if (newrule->ifname[0]) {
newrule->kif = pfi_kkif_attach(kif,
newrule->ifname);
pfi_kkif_ref(newrule->kif);
newrule->kif = NULL;
/* Range check on the routing table id: only positive values are compared
 * against rt_numfibs. The action taken on failure is not shown. */
if (newrule->rtableid > 0 &&
newrule->rtableid >= rt_numfibs)
/* Resolve queue names to ids; a result of 0 is tested for, the consequence
 * is not shown. pqid is set to qid on a path whose condition is not shown. */
if (newrule->qname[0] != 0) {
if ((newrule->qid =
pf_qname2qid(newrule->qname, true)) == 0)
else if (newrule->pqname[0] != 0) {
if ((newrule->pqid =
pf_qname2qid(newrule->pqname, true)) == 0)
newrule->pqid = newrule->qid;
/* Resolve tag names to tag ids; a result of 0 is tested for. */
if (newrule->tagname[0])
if ((newrule->tag =
pf_tagname2tag(newrule->tagname)) == 0)
if (newrule->match_tagname[0])
if ((newrule->match_tag = pf_tagname2tag(
newrule->match_tagname)) == 0)
/* A routing option without a direction is tested for; consequence not shown. */
if (newrule->rt && !newrule->direction)
/* Logging disabled: clear the log interface index. */
if (!newrule->log)
newrule->logif = 0;
/* Source / destination address and anchor setup; non-zero returns are
 * tested for, the consequence is not shown. */
if (pf_addr_setup(ruleset, &newrule->src.addr, newrule->af))
if (pf_addr_setup(ruleset, &newrule->dst.addr, newrule->af))
if (pf_kanchor_setup(newrule, ruleset, pcr->anchor_call))
/* Optional overload table: attached by name when one is given, and flags
 * are OR-ed into the attached table (value not shown). */
newrule->overload_tbl = NULL;
if (newrule->overload_tblname[0]) {
if ((newrule->overload_tbl = pfr_attach_table(
ruleset, newrule->overload_tblname)) ==
newrule->overload_tbl->pfrkt_flags |=
/* Move the three staged pools from V_pf_pabuf[0..2] into the rule. */
pf_mv_kpool(&V_pf_pabuf[0], &newrule->nat.list);
pf_mv_kpool(&V_pf_pabuf[1], &newrule->rdr.list);
pf_mv_kpool(&V_pf_pabuf[2], &newrule->route.list);
/* Non-anchor NAT / RDR / BINAT rules, or rules with rt > PF_NOPFROUTE,
 * are tested for an empty rdr list.
 * NOTE(review): only rdr.list is examined here although nat.list and
 * route.list were also populated above; confirm that is intended. */
if (((((newrule->action == PF_NAT) ||
(newrule->action == PF_RDR) ||
(newrule->action == PF_BINAT) ||
(newrule->rt > PF_NOPFROUTE)) &&
!newrule->anchor)) &&
(TAILQ_FIRST(&newrule->rdr.list) == NULL))
/* Cleanup with pf_free_rule(); presumably the accumulated-error path. */
pf_free_rule(newrule);
/* Point the nat and rdr cursors at the first pool entry.
 * NOTE(review): no matching route.cur assignment appears among these
 * excerpts; check the full source. */
newrule->nat.cur = TAILQ_FIRST(&newrule->nat.list);
newrule->rdr.cur = TAILQ_FIRST(&newrule->rdr.list);
/* Another pf_free_rule() site, guarded by a NULL test. */
if (newrule != NULL)
pf_free_rule(newrule);
/* Hash the rule, then a call taking the active rule tree and the rule is
 * compared against NULL; on non-NULL the rule is freed (presumably a
 * duplicate was found; the call name is not shown). */
pf_hash_rule(newrule);
ruleset->rules[rs_num].active.tree, newrule) != NULL) {
pf_free_rule(newrule);
/* Insertion into the rule queue, positioned relative to oldrule. */
newrule, entries);
TAILQ_INSERT_BEFORE(oldrule, newrule, entries);
oldrule, newrule, entries);
/* Final pf_krule_free() site.
 * NOTE(review): this listing mixes pf_krule_free() and pf_free_rule() on
 * the same pointer. Confirm in the full source that every exit path frees
 * newrule exactly once and that this site is unreachable once the rule has
 * been inserted or already released. */
pf_krule_free(newrule);