Simplify struct pf_pooladdr to include struct pf_addr_wrap directly

instead of indirectly trough struct pf_rule_addr. Ryan McBride says: If I'm not mistaken, the code _used_ to use the ports in pf_rule_addr as well. The code was changed to fix some of the bugs with port ranges, but it was too late in the release cycle to make kernel API changes, so the structure was left as is. Needless to say: KERNEL/USERLAND SYNC REQUIRED. ok henning@ mcbride@
author: cedric <cedric@openbsd.org> 2003-07-19 13:08:58 +0000
committer: cedric <cedric@openbsd.org> 2003-07-19 13:08:58 +0000
commit: 20b4324ffc3c1bd74581ff5fb8a732a791f321fc (patch)
tree: 3356d014e630e28e0621a095ced4dfe34008a4b7
parent: - sync with NetBSD or Niels' tarball where appropriate (diff)
download: wireguard-openbsd-20b4324ffc3c1bd74581ff5fb8a732a791f321fc.tar.xz
wireguard-openbsd-20b4324ffc3c1bd74581ff5fb8a732a791f321fc.zip
5 files changed, 45 insertions, 44 deletions
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y
index ad3f560a797..8ffb82445c8 100644
--- a/sbin/pfctl/parse.y
+++ b/sbin/pfctl/parse.y
@@ -1,4 +1,4 @@
-/*	$OpenBSD: parse.y,v 1.402 2003/07/18 06:30:06 cedric Exp $	*/
+/*	$OpenBSD: parse.y,v 1.403 2003/07/19 13:08:58 cedric Exp $	*/
 
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
@@ -2823,7 +2823,7 @@ binatrule	: no BINAT natpass interface af proto FROM host TO ipspec tag
 				pa = calloc(1, sizeof(struct pf_pooladdr));
 				if (pa == NULL)
 					err(1, "binat: calloc");
-				pa->addr.addr = $12->host->addr;
+				pa->addr = $12->host->addr;
 				pa->ifname[0] = 0;
 				TAILQ_INSERT_TAIL(&binat.rpool.list,
 				    pa, entries);
@@ -3107,7 +3107,7 @@ nat_consistent(struct pf_rule *r)
 	}
 	if (!r->af) {
 		TAILQ_FOREACH(pa, &r->rpool.list, entries) {
-			if (pa->addr.addr.type == PF_ADDR_DYNIFTL) {
+			if (pa->addr.type == PF_ADDR_DYNIFTL) {
 				yyerror("dynamic addresses require "
 				    "address family (inet/inet6)");
 				problems++;
@@ -3156,7 +3156,7 @@ rdr_consistent(struct pf_rule *r)
 			problems++;
 		} else {
 			TAILQ_FOREACH(pa, &r->rpool.list, entries) {
-				if (pa->addr.addr.type == PF_ADDR_DYNIFTL) {
+				if (pa->addr.type == PF_ADDR_DYNIFTL) {
 					yyerror("dynamic addresses require "
 					    "address family (inet/inet6)");
 					problems++;
@@ -3752,7 +3752,7 @@ expand_rule(struct pf_rule *r,
 			pa = calloc(1, sizeof(struct pf_pooladdr));
 			if (pa == NULL)
 				err(1, "expand_rule: calloc");
-			pa->addr.addr = h->addr;
+			pa->addr = h->addr;
 			if (h->ifname != NULL) {
 				if (strlcpy(pa->ifname, h->ifname,
 				    sizeof(pa->ifname)) >=
diff --git a/sbin/pfctl/pfctl_parser.c b/sbin/pfctl/pfctl_parser.c
index 7b3ccc560a0..0ab6ea0d908 100644
--- a/sbin/pfctl/pfctl_parser.c
+++ b/sbin/pfctl/pfctl_parser.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pfctl_parser.c,v 1.169 2003/07/15 17:12:38 cedric Exp $ */
+/*	$OpenBSD: pfctl_parser.c,v 1.170 2003/07/19 13:08:58 cedric Exp $ */
 
 /*
  * Copyright (c) 2001 Daniel Hartmeier
@@ -398,14 +398,14 @@ print_pool(struct pf_pool *pool, u_int16_t p1, u_int16_t p2,
 		case PF_NAT:
 		case PF_RDR:
 		case PF_BINAT:
-			print_addr(&pooladdr->addr.addr, af, 0);
+			print_addr(&pooladdr->addr, af, 0);
 			break;
 		case PF_PASS:
-			if (PF_AZERO(&pooladdr->addr.addr.v.a.addr, af))
+			if (PF_AZERO(&pooladdr->addr.v.a.addr, af))
 				printf("%s", pooladdr->ifname);
 			else {
 				printf("(%s ", pooladdr->ifname);
-				print_addr(&pooladdr->addr.addr, af, 0);
+				print_addr(&pooladdr->addr, af, 0);
 				printf(")");
 			}
 			break;
diff --git a/sys/net/pf.c b/sys/net/pf.c
index 7793fd43852..38c392c5e02 100644
--- a/sys/net/pf.c
+++ b/sys/net/pf.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pf.c,v 1.377 2003/07/12 09:36:23 dhartmei Exp $ */
+/*	$OpenBSD: pf.c,v 1.378 2003/07/19 13:08:58 cedric Exp $ */
 
 /*
  * Copyright (c) 2001 Daniel Hartmeier
@@ -1558,14 +1558,14 @@ pf_map_addr(u_int8_t af, struct pf_pool *rpool, struct pf_addr *saddr,
     struct pf_addr *naddr, struct pf_addr *init_addr)
 {
 	unsigned char		 hash[16];
-	struct pf_addr		*raddr = &rpool->cur->addr.addr.v.a.addr;
-	struct pf_addr		*rmask = &rpool->cur->addr.addr.v.a.mask;
+	struct pf_addr		*raddr = &rpool->cur->addr.v.a.addr;
+	struct pf_addr		*rmask = &rpool->cur->addr.v.a.mask;
 
-	if (rpool->cur->addr.addr.type == PF_ADDR_NOROUTE ||
-	    rpool->cur->addr.addr.type == PF_ADDR_TABLE)
+	if (rpool->cur->addr.type == PF_ADDR_NOROUTE ||
+	    rpool->cur->addr.type == PF_ADDR_TABLE)
 		return (1);
-	if (rpool->cur->addr.addr.type == PF_ADDR_DYNIFTL &&
-	    rpool->cur->addr.addr.p.dyn->undefined)
+	if (rpool->cur->addr.type == PF_ADDR_DYNIFTL &&
+	    rpool->cur->addr.p.dyn->undefined)
 		return (1);
 
 	switch (rpool->opts & PF_POOL_TYPEMASK) {
@@ -1615,17 +1615,17 @@ pf_map_addr(u_int8_t af, struct pf_pool *rpool, struct pf_addr *saddr,
 		PF_POOLMASK(naddr, raddr, rmask, (struct pf_addr *)&hash, af);
 		break;
 	case PF_POOL_ROUNDROBIN:
-		if (pf_match_addr(0, &rpool->cur->addr.addr.v.a.addr,
-		    &rpool->cur->addr.addr.v.a.mask, &rpool->counter, af)) {
+		if (pf_match_addr(0, &rpool->cur->addr.v.a.addr,
+		    &rpool->cur->addr.v.a.mask, &rpool->counter, af)) {
 			PF_ACPY(naddr, &rpool->counter, af);
 			PF_AINC(&rpool->counter, af);
 		} else {
 			if ((rpool->cur =
 			    TAILQ_NEXT(rpool->cur, entries)) == NULL)
 				rpool->cur = TAILQ_FIRST(&rpool->list);
-			PF_ACPY(naddr, &rpool->cur->addr.addr.v.a.addr, af);
+			PF_ACPY(naddr, &rpool->cur->addr.v.a.addr, af);
 			PF_ACPY(&rpool->counter,
-			    &rpool->cur->addr.addr.v.a.addr, af);
+			    &rpool->cur->addr.v.a.addr, af);
 			PF_AINC(&rpool->counter, af);
 		}
 		break;
@@ -1738,11 +1738,12 @@ pf_match_translation(int direction, struct ifnet *ifp, u_int8_t proto,
 	r = TAILQ_FIRST(pf_main_ruleset.rules[rs_num].active.ptr);
 	while (r && rm == NULL) {
 		struct pf_rule_addr	*src = NULL, *dst = NULL;
+		struct pf_addr_wrap	*xdst = NULL;
 
 		if (r->action == PF_BINAT && direction == PF_IN) {
 			src = &r->dst;
 			if (r->rpool.cur != NULL)
-				dst = &r->rpool.cur->addr;
+				xdst = &r->rpool.cur->addr;
 		} else {
 			src = &r->src;
 			dst = &r->dst;
@@ -1767,13 +1768,13 @@ pf_match_translation(int direction, struct ifnet *ifp, u_int8_t proto,
 			    PF_SKIP_DST_PORT].ptr;
 		else if (dst != NULL &&
 		    PF_MISMATCHAW(&dst->addr, daddr, af, dst->not))
-			r = dst == &r->dst ? r->skip[PF_SKIP_DST_ADDR].ptr :
-			    TAILQ_NEXT(r, entries);
+			r = r->skip[PF_SKIP_DST_ADDR].ptr;
+		else if (xdst != NULL && PF_MISMATCHAW(xdst, daddr, af, 0))
+			r = TAILQ_NEXT(r, entries);
 		else if (dst != NULL && dst->port_op &&
 		    !pf_match_port(dst->port_op, dst->port[0],
 		    dst->port[1], dport))
-			r = dst == &r->dst ? r->skip[PF_SKIP_DST_PORT].ptr :
-			    TAILQ_NEXT(r, entries);
+			r = r->skip[PF_SKIP_DST_PORT].ptr;
 		else if (r->anchorname[0] && r->anchor == NULL)
 			r = TAILQ_NEXT(r, entries);
 		else if (r->anchor == NULL)
@@ -1834,14 +1835,14 @@ pf_get_translation(int direction, struct ifnet *ifp, u_int8_t proto,
 		case PF_BINAT:
 			switch (direction) {
 			case PF_OUT:
-				if (r->rpool.cur->addr.addr.type ==
+				if (r->rpool.cur->addr.type ==
 				    PF_ADDR_DYNIFTL &&
-				    r->rpool.cur->addr.addr.p.dyn->undefined)
+				    r->rpool.cur->addr.p.dyn->undefined)
 					return (NULL);
 				else
 					PF_POOLMASK(naddr,
-					    &r->rpool.cur->addr.addr.v.a.addr,
-					    &r->rpool.cur->addr.addr.v.a.mask,
+					    &r->rpool.cur->addr.v.a.addr,
+					    &r->rpool.cur->addr.v.a.mask,
 					    saddr, af);
 				break;
 			case PF_IN:
diff --git a/sys/net/pf_ioctl.c b/sys/net/pf_ioctl.c
index bc07c0ae7b0..2b38f3152b2 100644
--- a/sys/net/pf_ioctl.c
+++ b/sys/net/pf_ioctl.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pf_ioctl.c,v 1.75 2003/06/30 19:09:25 henning Exp $ */
+/*	$OpenBSD: pf_ioctl.c,v 1.76 2003/07/19 13:08:58 cedric Exp $ */
 
 /*
  * Copyright (c) 2001 Daniel Hartmeier
@@ -382,7 +382,7 @@ pf_empty_pool(struct pf_palist *poola)
 	struct pf_pooladdr	*empty_pool_pa;
 
 	while ((empty_pool_pa = TAILQ_FIRST(poola)) != NULL) {
-		pf_dynaddr_remove(&empty_pool_pa->addr.addr);
+		pf_dynaddr_remove(&empty_pool_pa->addr);
 		TAILQ_REMOVE(poola, empty_pool_pa, entries);
 		pool_put(&pf_pooladdr_pl, empty_pool_pa);
 	}
@@ -1646,8 +1646,8 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
 			break;
 		}
 #endif /* INET6 */
-		if (pp->addr.addr.addr.type != PF_ADDR_ADDRMASK &&
-		    pp->addr.addr.addr.type != PF_ADDR_DYNIFTL) {
+		if (pp->addr.addr.type != PF_ADDR_ADDRMASK &&
+		    pp->addr.addr.type != PF_ADDR_DYNIFTL) {
 			error = EINVAL;
 			break;
 		}
@@ -1665,8 +1665,8 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
 				break;
 			}
 		}
-		if (pf_dynaddr_setup(&pa->addr.addr, pp->af)) {
-			pf_dynaddr_remove(&pa->addr.addr);
+		if (pf_dynaddr_setup(&pa->addr, pp->af)) {
+			pf_dynaddr_remove(&pa->addr);
 			pool_put(&pf_pooladdr_pl, pa);
 			error = EINVAL;
 			break;
@@ -1716,7 +1716,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
 			break;
 		}
 		bcopy(pa, &pp->addr, sizeof(struct pf_pooladdr));
-		pf_dynaddr_copyout(&pp->addr.addr.addr);
+		pf_dynaddr_copyout(&pp->addr.addr);
 		splx(s);
 		break;
 	}
@@ -1730,8 +1730,8 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
 			error = EINVAL;
 			break;
 		}
-		if (pca->addr.addr.addr.type != PF_ADDR_ADDRMASK &&
-		    pca->addr.addr.addr.type != PF_ADDR_DYNIFTL) {
+		if (pca->addr.addr.type != PF_ADDR_ADDRMASK &&
+		    pca->addr.addr.type != PF_ADDR_DYNIFTL) {
 			error = EINVAL;
 			break;
 		}
@@ -1772,8 +1772,8 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
 				}
 			} else
 				newpa->ifp = NULL;
-			if (pf_dynaddr_setup(&newpa->addr.addr, pca->af)) {
-				pf_dynaddr_remove(&newpa->addr.addr);
+			if (pf_dynaddr_setup(&newpa->addr, pca->af)) {
+				pf_dynaddr_remove(&newpa->addr);
 				pool_put(&pf_pooladdr_pl, newpa);
 				error = EINVAL;
 				break;
@@ -1803,7 +1803,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
 
 		if (pca->action == PF_CHANGE_REMOVE) {
 			TAILQ_REMOVE(&pool->list, oldpa, entries);
-			pf_dynaddr_remove(&oldpa->addr.addr);
+			pf_dynaddr_remove(&oldpa->addr);
 			pool_put(&pf_pooladdr_pl, oldpa);
 		} else {
 			if (oldpa == NULL)
@@ -1817,7 +1817,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
 		}
 
 		pool->cur = TAILQ_FIRST(&pool->list);
-		PF_ACPY(&pool->counter, &pool->cur->addr.addr.v.a.addr,
+		PF_ACPY(&pool->counter, &pool->cur->addr.v.a.addr,
 		    pca->af);
 		splx(s);
 		break;
diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h
index 98344f6a339..4c247953a71 100644
--- a/sys/net/pfvar.h
+++ b/sys/net/pfvar.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pfvar.h,v 1.162 2003/07/04 10:39:31 henning Exp $ */
+/*	$OpenBSD: pfvar.h,v 1.163 2003/07/19 13:08:58 cedric Exp $ */
 
 /*
  * Copyright (c) 2001 Daniel Hartmeier
@@ -292,7 +292,7 @@ struct pf_rule_addr {
 };
 
 struct pf_pooladdr {
-	struct pf_rule_addr		 addr;
+	struct pf_addr_wrap		 addr;
 	TAILQ_ENTRY(pf_pooladdr)	 entries;
 	char				 ifname[IFNAMSIZ];
 	struct ifnet			*ifp;
author	cedric <cedric@openbsd.org>	2003-07-19 13:08:58 +0000
committer	cedric <cedric@openbsd.org>	2003-07-19 13:08:58 +0000
commit	20b4324ffc3c1bd74581ff5fb8a732a791f321fc (patch)
tree	3356d014e630e28e0621a095ced4dfe34008a4b7
parent	- sync with NetBSD or Niels' tarball where appropriate (diff)
download	wireguard-openbsd-20b4324ffc3c1bd74581ff5fb8a732a791f321fc.tar.xz wireguard-openbsd-20b4324ffc3c1bd74581ff5fb8a732a791f321fc.zip