Lines Matching refs:rule

505 pf_nvrule_to_krule(const nvlist_t *nvl, struct pf_krule *rule)  in pf_nvrule_to_krule()  argument
511 PFNV_CHK(pf_nvuint32(nvl, "nr", &rule->nr)); in pf_nvrule_to_krule()
517 &rule->src); in pf_nvrule_to_krule()
525 &rule->dst)); in pf_nvrule_to_krule()
528 PFNV_CHK(pf_nvstring(nvl, "label", rule->label[0], in pf_nvrule_to_krule()
529 sizeof(rule->label[0]))); in pf_nvrule_to_krule()
540 ret = strlcpy(rule->label[i], strs[i], in pf_nvrule_to_krule()
541 sizeof(rule->label[0])); in pf_nvrule_to_krule()
542 if (ret >= sizeof(rule->label[0])) in pf_nvrule_to_krule()
547 PFNV_CHK(pf_nvuint32_opt(nvl, "ridentifier", &rule->ridentifier, 0)); in pf_nvrule_to_krule()
548 PFNV_CHK(pf_nvstring(nvl, "ifname", rule->ifname, in pf_nvrule_to_krule()
549 sizeof(rule->ifname))); in pf_nvrule_to_krule()
550 PFNV_CHK(pf_nvstring(nvl, "qname", rule->qname, sizeof(rule->qname))); in pf_nvrule_to_krule()
551 PFNV_CHK(pf_nvstring(nvl, "pqname", rule->pqname, in pf_nvrule_to_krule()
552 sizeof(rule->pqname))); in pf_nvrule_to_krule()
553 PFNV_CHK(pf_nvstring(nvl, "tagname", rule->tagname, in pf_nvrule_to_krule()
554 sizeof(rule->tagname))); in pf_nvrule_to_krule()
555 PFNV_CHK(pf_nvuint16_opt(nvl, "dnpipe", &rule->dnpipe, 0)); in pf_nvrule_to_krule()
556 PFNV_CHK(pf_nvuint16_opt(nvl, "dnrpipe", &rule->dnrpipe, 0)); in pf_nvrule_to_krule()
557 PFNV_CHK(pf_nvuint32_opt(nvl, "dnflags", &rule->free_flags, 0)); in pf_nvrule_to_krule()
558 PFNV_CHK(pf_nvstring(nvl, "match_tagname", rule->match_tagname, in pf_nvrule_to_krule()
559 sizeof(rule->match_tagname))); in pf_nvrule_to_krule()
560 PFNV_CHK(pf_nvstring(nvl, "overload_tblname", rule->overload_tblname, in pf_nvrule_to_krule()
561 sizeof(rule->overload_tblname))); in pf_nvrule_to_krule()
566 &rule->rdr)); in pf_nvrule_to_krule()
568 PFNV_CHK(pf_nvuint32(nvl, "os_fingerprint", &rule->os_fingerprint)); in pf_nvrule_to_krule()
570 PFNV_CHK(pf_nvint(nvl, "rtableid", &rule->rtableid)); in pf_nvrule_to_krule()
571 PFNV_CHK(pf_nvuint32_array(nvl, "timeout", rule->timeout, PFTM_MAX, NULL)); in pf_nvrule_to_krule()
572 PFNV_CHK(pf_nvuint32(nvl, "max_states", &rule->max_states)); in pf_nvrule_to_krule()
573 PFNV_CHK(pf_nvuint32(nvl, "max_src_nodes", &rule->max_src_nodes)); in pf_nvrule_to_krule()
574 PFNV_CHK(pf_nvuint32(nvl, "max_src_states", &rule->max_src_states)); in pf_nvrule_to_krule()
575 PFNV_CHK(pf_nvuint32(nvl, "max_src_conn", &rule->max_src_conn)); in pf_nvrule_to_krule()
577 &rule->max_src_conn_rate.limit)); in pf_nvrule_to_krule()
579 &rule->max_src_conn_rate.seconds)); in pf_nvrule_to_krule()
580 PFNV_CHK(pf_nvuint32(nvl, "prob", &rule->prob)); in pf_nvrule_to_krule()
581 PFNV_CHK(pf_nvuint32(nvl, "cuid", &rule->cuid)); in pf_nvrule_to_krule()
582 PFNV_CHK(pf_nvuint32(nvl, "cpid", &rule->cpid)); in pf_nvrule_to_krule()
584 PFNV_CHK(pf_nvuint16(nvl, "return_icmp", &rule->return_icmp)); in pf_nvrule_to_krule()
585 PFNV_CHK(pf_nvuint16(nvl, "return_icmp6", &rule->return_icmp6)); in pf_nvrule_to_krule()
587 PFNV_CHK(pf_nvuint16(nvl, "max_mss", &rule->max_mss)); in pf_nvrule_to_krule()
588 PFNV_CHK(pf_nvuint16(nvl, "scrub_flags", &rule->scrub_flags)); in pf_nvrule_to_krule()
593 &rule->uid)); in pf_nvrule_to_krule()
598 &rule->gid)); in pf_nvrule_to_krule()
600 PFNV_CHK(pf_nvuint32(nvl, "rule_flag", &rule->rule_flag)); in pf_nvrule_to_krule()
601 PFNV_CHK(pf_nvuint8(nvl, "action", &rule->action)); in pf_nvrule_to_krule()
602 PFNV_CHK(pf_nvuint8(nvl, "direction", &rule->direction)); in pf_nvrule_to_krule()
603 PFNV_CHK(pf_nvuint8(nvl, "log", &rule->log)); in pf_nvrule_to_krule()
604 PFNV_CHK(pf_nvuint8(nvl, "logif", &rule->logif)); in pf_nvrule_to_krule()
605 PFNV_CHK(pf_nvuint8(nvl, "quick", &rule->quick)); in pf_nvrule_to_krule()
606 PFNV_CHK(pf_nvuint8(nvl, "ifnot", &rule->ifnot)); in pf_nvrule_to_krule()
607 PFNV_CHK(pf_nvuint8(nvl, "match_tag_not", &rule->match_tag_not)); in pf_nvrule_to_krule()
608 PFNV_CHK(pf_nvuint8(nvl, "natpass", &rule->natpass)); in pf_nvrule_to_krule()
610 PFNV_CHK(pf_nvuint8(nvl, "keep_state", &rule->keep_state)); in pf_nvrule_to_krule()
611 PFNV_CHK(pf_nvuint8(nvl, "af", &rule->af)); in pf_nvrule_to_krule()
612 PFNV_CHK(pf_nvuint8(nvl, "proto", &rule->proto)); in pf_nvrule_to_krule()
613 PFNV_CHK(pf_nvuint8(nvl, "type", &rule->type)); in pf_nvrule_to_krule()
614 PFNV_CHK(pf_nvuint8(nvl, "code", &rule->code)); in pf_nvrule_to_krule()
615 PFNV_CHK(pf_nvuint8(nvl, "flags", &rule->flags)); in pf_nvrule_to_krule()
616 PFNV_CHK(pf_nvuint8(nvl, "flagset", &rule->flagset)); in pf_nvrule_to_krule()
617 PFNV_CHK(pf_nvuint8(nvl, "min_ttl", &rule->min_ttl)); in pf_nvrule_to_krule()
618 PFNV_CHK(pf_nvuint8(nvl, "allow_opts", &rule->allow_opts)); in pf_nvrule_to_krule()
619 PFNV_CHK(pf_nvuint8(nvl, "rt", &rule->rt)); in pf_nvrule_to_krule()
620 PFNV_CHK(pf_nvuint8(nvl, "return_ttl", &rule->return_ttl)); in pf_nvrule_to_krule()
621 PFNV_CHK(pf_nvuint8(nvl, "tos", &rule->tos)); in pf_nvrule_to_krule()
622 PFNV_CHK(pf_nvuint8(nvl, "set_tos", &rule->set_tos)); in pf_nvrule_to_krule()
624 PFNV_CHK(pf_nvuint8(nvl, "flush", &rule->flush)); in pf_nvrule_to_krule()
625 PFNV_CHK(pf_nvuint8(nvl, "prio", &rule->prio)); in pf_nvrule_to_krule()
627 PFNV_CHK(pf_nvuint8_array(nvl, "set_prio", rule->set_prio, 2, NULL)); in pf_nvrule_to_krule()
635 &rule->divert.addr)); in pf_nvrule_to_krule()
636 PFNV_CHK(pf_nvuint16(nvldivert, "port", &rule->divert.port)); in pf_nvrule_to_krule()
641 if (rule->af == AF_INET) in pf_nvrule_to_krule()
645 if (rule->af == AF_INET6) in pf_nvrule_to_krule()
649 PFNV_CHK(pf_check_rule_addr(&rule->src)); in pf_nvrule_to_krule()
650 PFNV_CHK(pf_check_rule_addr(&rule->dst)); in pf_nvrule_to_krule()
660 pf_divert_to_nvdivert(const struct pf_krule *rule) in pf_divert_to_nvdivert() argument
669 tmp = pf_addr_to_nvaddr(&rule->divert.addr); in pf_divert_to_nvdivert()
674 nvlist_add_number(nvl, "port", rule->divert.port); in pf_divert_to_nvdivert()
684 pf_krule_to_nvrule(struct pf_krule *rule) in pf_krule_to_nvrule() argument
693 nvlist_add_number(nvl, "nr", rule->nr); in pf_krule_to_nvrule()
694 tmp = pf_rule_addr_to_nvrule_addr(&rule->src); in pf_krule_to_nvrule()
699 tmp = pf_rule_addr_to_nvrule_addr(&rule->dst); in pf_krule_to_nvrule()
707 rule->skip[i] ? rule->skip[i]->nr : -1); in pf_krule_to_nvrule()
711 nvlist_append_string_array(nvl, "labels", rule->label[i]); in pf_krule_to_nvrule()
713 nvlist_add_string(nvl, "label", rule->label[0]); in pf_krule_to_nvrule()
714 nvlist_add_number(nvl, "ridentifier", rule->ridentifier); in pf_krule_to_nvrule()
715 nvlist_add_string(nvl, "ifname", rule->ifname); in pf_krule_to_nvrule()
716 nvlist_add_string(nvl, "qname", rule->qname); in pf_krule_to_nvrule()
717 nvlist_add_string(nvl, "pqname", rule->pqname); in pf_krule_to_nvrule()
718 nvlist_add_number(nvl, "dnpipe", rule->dnpipe); in pf_krule_to_nvrule()
719 nvlist_add_number(nvl, "dnrpipe", rule->dnrpipe); in pf_krule_to_nvrule()
720 nvlist_add_number(nvl, "dnflags", rule->free_flags); in pf_krule_to_nvrule()
721 nvlist_add_string(nvl, "tagname", rule->tagname); in pf_krule_to_nvrule()
722 nvlist_add_string(nvl, "match_tagname", rule->match_tagname); in pf_krule_to_nvrule()
723 nvlist_add_string(nvl, "overload_tblname", rule->overload_tblname); in pf_krule_to_nvrule()
725 tmp = pf_pool_to_nvpool(&rule->rdr); in pf_krule_to_nvrule()
732 pf_counter_u64_fetch(&rule->evaluations)); in pf_krule_to_nvrule()
735 pf_counter_u64_fetch(&rule->packets[i])); in pf_krule_to_nvrule()
737 pf_counter_u64_fetch(&rule->bytes[i])); in pf_krule_to_nvrule()
739 nvlist_add_number(nvl, "timestamp", pf_get_timestamp(rule)); in pf_krule_to_nvrule()
741 nvlist_add_number(nvl, "os_fingerprint", rule->os_fingerprint); in pf_krule_to_nvrule()
743 nvlist_add_number(nvl, "rtableid", rule->rtableid); in pf_krule_to_nvrule()
744 pf_uint32_array_nv(nvl, "timeout", rule->timeout, PFTM_MAX); in pf_krule_to_nvrule()
745 nvlist_add_number(nvl, "max_states", rule->max_states); in pf_krule_to_nvrule()
746 nvlist_add_number(nvl, "max_src_nodes", rule->max_src_nodes); in pf_krule_to_nvrule()
747 nvlist_add_number(nvl, "max_src_states", rule->max_src_states); in pf_krule_to_nvrule()
748 nvlist_add_number(nvl, "max_src_conn", rule->max_src_conn); in pf_krule_to_nvrule()
750 rule->max_src_conn_rate.limit); in pf_krule_to_nvrule()
752 rule->max_src_conn_rate.seconds); in pf_krule_to_nvrule()
753 nvlist_add_number(nvl, "qid", rule->qid); in pf_krule_to_nvrule()
754 nvlist_add_number(nvl, "pqid", rule->pqid); in pf_krule_to_nvrule()
755 nvlist_add_number(nvl, "prob", rule->prob); in pf_krule_to_nvrule()
756 nvlist_add_number(nvl, "cuid", rule->cuid); in pf_krule_to_nvrule()
757 nvlist_add_number(nvl, "cpid", rule->cpid); in pf_krule_to_nvrule()
760 counter_u64_fetch(rule->states_cur)); in pf_krule_to_nvrule()
762 counter_u64_fetch(rule->states_tot)); in pf_krule_to_nvrule()
764 src_nodes_total += counter_u64_fetch(rule->src_nodes[sn_type]); in pf_krule_to_nvrule()
767 nvlist_add_number(nvl, "return_icmp", rule->return_icmp); in pf_krule_to_nvrule()
768 nvlist_add_number(nvl, "return_icmp6", rule->return_icmp6); in pf_krule_to_nvrule()
770 nvlist_add_number(nvl, "max_mss", rule->max_mss); in pf_krule_to_nvrule()
771 nvlist_add_number(nvl, "scrub_flags", rule->scrub_flags); in pf_krule_to_nvrule()
773 tmp = pf_rule_uid_to_nvrule_uid(&rule->uid); in pf_krule_to_nvrule()
778 tmp = pf_rule_uid_to_nvrule_uid((const struct pf_rule_uid *)&rule->gid); in pf_krule_to_nvrule()
784 nvlist_add_number(nvl, "rule_flag", rule->rule_flag); in pf_krule_to_nvrule()
785 nvlist_add_number(nvl, "action", rule->action); in pf_krule_to_nvrule()
786 nvlist_add_number(nvl, "direction", rule->direction); in pf_krule_to_nvrule()
787 nvlist_add_number(nvl, "log", rule->log); in pf_krule_to_nvrule()
788 nvlist_add_number(nvl, "logif", rule->logif); in pf_krule_to_nvrule()
789 nvlist_add_number(nvl, "quick", rule->quick); in pf_krule_to_nvrule()
790 nvlist_add_number(nvl, "ifnot", rule->ifnot); in pf_krule_to_nvrule()
791 nvlist_add_number(nvl, "match_tag_not", rule->match_tag_not); in pf_krule_to_nvrule()
792 nvlist_add_number(nvl, "natpass", rule->natpass); in pf_krule_to_nvrule()
794 nvlist_add_number(nvl, "keep_state", rule->keep_state); in pf_krule_to_nvrule()
795 nvlist_add_number(nvl, "af", rule->af); in pf_krule_to_nvrule()
796 nvlist_add_number(nvl, "proto", rule->proto); in pf_krule_to_nvrule()
797 nvlist_add_number(nvl, "type", rule->type); in pf_krule_to_nvrule()
798 nvlist_add_number(nvl, "code", rule->code); in pf_krule_to_nvrule()
799 nvlist_add_number(nvl, "flags", rule->flags); in pf_krule_to_nvrule()
800 nvlist_add_number(nvl, "flagset", rule->flagset); in pf_krule_to_nvrule()
801 nvlist_add_number(nvl, "min_ttl", rule->min_ttl); in pf_krule_to_nvrule()
802 nvlist_add_number(nvl, "allow_opts", rule->allow_opts); in pf_krule_to_nvrule()
803 nvlist_add_number(nvl, "rt", rule->rt); in pf_krule_to_nvrule()
804 nvlist_add_number(nvl, "return_ttl", rule->return_ttl); in pf_krule_to_nvrule()
805 nvlist_add_number(nvl, "tos", rule->tos); in pf_krule_to_nvrule()
806 nvlist_add_number(nvl, "set_tos", rule->set_tos); in pf_krule_to_nvrule()
807 nvlist_add_number(nvl, "anchor_relative", rule->anchor_relative); in pf_krule_to_nvrule()
808 nvlist_add_number(nvl, "anchor_wildcard", rule->anchor_wildcard); in pf_krule_to_nvrule()
810 nvlist_add_number(nvl, "flush", rule->flush); in pf_krule_to_nvrule()
811 nvlist_add_number(nvl, "prio", rule->prio); in pf_krule_to_nvrule()
813 pf_uint8_array_nv(nvl, "set_prio", rule->set_prio, 2); in pf_krule_to_nvrule()
815 tmp = pf_divert_to_nvdivert(rule); in pf_krule_to_nvrule()
974 nvlist_add_number(nvl, "rule", s->rule ? s->rule->nr : -1); in pf_state_to_nvstate()