Lines Matching defs:rule
505 pf_nvrule_to_krule(const nvlist_t *nvl, struct pf_krule *rule)
511 PFNV_CHK(pf_nvuint32(nvl, "nr", &rule->nr));
517 &rule->src);
525 &rule->dst));
528 PFNV_CHK(pf_nvstring(nvl, "label", rule->label[0],
529 sizeof(rule->label[0])));
540 ret = strlcpy(rule->label[i], strs[i],
541 sizeof(rule->label[0]));
542 if (ret >= sizeof(rule->label[0]))
547 PFNV_CHK(pf_nvuint32_opt(nvl, "ridentifier", &rule->ridentifier, 0));
548 PFNV_CHK(pf_nvstring(nvl, "ifname", rule->ifname,
549 sizeof(rule->ifname)));
550 PFNV_CHK(pf_nvstring(nvl, "qname", rule->qname, sizeof(rule->qname)));
551 PFNV_CHK(pf_nvstring(nvl, "pqname", rule->pqname,
552 sizeof(rule->pqname)));
553 PFNV_CHK(pf_nvstring(nvl, "tagname", rule->tagname,
554 sizeof(rule->tagname)));
555 PFNV_CHK(pf_nvuint16_opt(nvl, "dnpipe", &rule->dnpipe, 0));
556 PFNV_CHK(pf_nvuint16_opt(nvl, "dnrpipe", &rule->dnrpipe, 0));
557 PFNV_CHK(pf_nvuint32_opt(nvl, "dnflags", &rule->free_flags, 0));
558 PFNV_CHK(pf_nvstring(nvl, "match_tagname", rule->match_tagname,
559 sizeof(rule->match_tagname)));
560 PFNV_CHK(pf_nvstring(nvl, "overload_tblname", rule->overload_tblname,
561 sizeof(rule->overload_tblname)));
566 &rule->rpool));
568 PFNV_CHK(pf_nvuint32(nvl, "os_fingerprint", &rule->os_fingerprint));
570 PFNV_CHK(pf_nvint(nvl, "rtableid", &rule->rtableid));
571 PFNV_CHK(pf_nvuint32_array(nvl, "timeout", rule->timeout, PFTM_MAX, NULL));
572 PFNV_CHK(pf_nvuint32(nvl, "max_states", &rule->max_states));
573 PFNV_CHK(pf_nvuint32(nvl, "max_src_nodes", &rule->max_src_nodes));
574 PFNV_CHK(pf_nvuint32(nvl, "max_src_states", &rule->max_src_states));
575 PFNV_CHK(pf_nvuint32(nvl, "max_src_conn", &rule->max_src_conn));
577 &rule->max_src_conn_rate.limit));
579 &rule->max_src_conn_rate.seconds));
580 PFNV_CHK(pf_nvuint32(nvl, "prob", &rule->prob));
581 PFNV_CHK(pf_nvuint32(nvl, "cuid", &rule->cuid));
582 PFNV_CHK(pf_nvuint32(nvl, "cpid", &rule->cpid));
584 PFNV_CHK(pf_nvuint16(nvl, "return_icmp", &rule->return_icmp));
585 PFNV_CHK(pf_nvuint16(nvl, "return_icmp6", &rule->return_icmp6));
587 PFNV_CHK(pf_nvuint16(nvl, "max_mss", &rule->max_mss));
588 PFNV_CHK(pf_nvuint16(nvl, "scrub_flags", &rule->scrub_flags));
593 &rule->uid));
598 &rule->gid));
600 PFNV_CHK(pf_nvuint32(nvl, "rule_flag", &rule->rule_flag));
601 PFNV_CHK(pf_nvuint8(nvl, "action", &rule->action));
602 PFNV_CHK(pf_nvuint8(nvl, "direction", &rule->direction));
603 PFNV_CHK(pf_nvuint8(nvl, "log", &rule->log));
604 PFNV_CHK(pf_nvuint8(nvl, "logif", &rule->logif));
605 PFNV_CHK(pf_nvuint8(nvl, "quick", &rule->quick));
606 PFNV_CHK(pf_nvuint8(nvl, "ifnot", &rule->ifnot));
607 PFNV_CHK(pf_nvuint8(nvl, "match_tag_not", &rule->match_tag_not));
608 PFNV_CHK(pf_nvuint8(nvl, "natpass", &rule->natpass));
610 PFNV_CHK(pf_nvuint8(nvl, "keep_state", &rule->keep_state));
611 PFNV_CHK(pf_nvuint8(nvl, "af", &rule->af));
612 PFNV_CHK(pf_nvuint8(nvl, "proto", &rule->proto));
613 PFNV_CHK(pf_nvuint8(nvl, "type", &rule->type));
614 PFNV_CHK(pf_nvuint8(nvl, "code", &rule->code));
615 PFNV_CHK(pf_nvuint8(nvl, "flags", &rule->flags));
616 PFNV_CHK(pf_nvuint8(nvl, "flagset", &rule->flagset));
617 PFNV_CHK(pf_nvuint8(nvl, "min_ttl", &rule->min_ttl));
618 PFNV_CHK(pf_nvuint8(nvl, "allow_opts", &rule->allow_opts));
619 PFNV_CHK(pf_nvuint8(nvl, "rt", &rule->rt));
620 PFNV_CHK(pf_nvuint8(nvl, "return_ttl", &rule->return_ttl));
621 PFNV_CHK(pf_nvuint8(nvl, "tos", &rule->tos));
622 PFNV_CHK(pf_nvuint8(nvl, "set_tos", &rule->set_tos));
624 PFNV_CHK(pf_nvuint8(nvl, "flush", &rule->flush));
625 PFNV_CHK(pf_nvuint8(nvl, "prio", &rule->prio));
627 PFNV_CHK(pf_nvuint8_array(nvl, "set_prio", rule->set_prio, 2, NULL));
635 &rule->divert.addr));
636 PFNV_CHK(pf_nvuint16(nvldivert, "port", &rule->divert.port));
641 if (rule->af == AF_INET)
645 if (rule->af == AF_INET6)
649 PFNV_CHK(pf_check_rule_addr(&rule->src));
650 PFNV_CHK(pf_check_rule_addr(&rule->dst));
660 pf_divert_to_nvdivert(const struct pf_krule *rule)
669 tmp = pf_addr_to_nvaddr(&rule->divert.addr);
674 nvlist_add_number(nvl, "port", rule->divert.port);
684 pf_krule_to_nvrule(struct pf_krule *rule)
692 nvlist_add_number(nvl, "nr", rule->nr);
693 tmp = pf_rule_addr_to_nvrule_addr(&rule->src);
698 tmp = pf_rule_addr_to_nvrule_addr(&rule->dst);
706 rule->skip[i].ptr ? rule->skip[i].ptr->nr : -1);
710 nvlist_append_string_array(nvl, "labels", rule->label[i]);
712 nvlist_add_string(nvl, "label", rule->label[0]);
713 nvlist_add_number(nvl, "ridentifier", rule->ridentifier);
714 nvlist_add_string(nvl, "ifname", rule->ifname);
715 nvlist_add_string(nvl, "qname", rule->qname);
716 nvlist_add_string(nvl, "pqname", rule->pqname);
717 nvlist_add_number(nvl, "dnpipe", rule->dnpipe);
718 nvlist_add_number(nvl, "dnrpipe", rule->dnrpipe);
719 nvlist_add_number(nvl, "dnflags", rule->free_flags);
720 nvlist_add_string(nvl, "tagname", rule->tagname);
721 nvlist_add_string(nvl, "match_tagname", rule->match_tagname);
722 nvlist_add_string(nvl, "overload_tblname", rule->overload_tblname);
724 tmp = pf_pool_to_nvpool(&rule->rpool);
731 pf_counter_u64_fetch(&rule->evaluations));
734 pf_counter_u64_fetch(&rule->packets[i]));
736 pf_counter_u64_fetch(&rule->bytes[i]));
738 nvlist_add_number(nvl, "timestamp", pf_get_timestamp(rule));
740 nvlist_add_number(nvl, "os_fingerprint", rule->os_fingerprint);
742 nvlist_add_number(nvl, "rtableid", rule->rtableid);
743 pf_uint32_array_nv(nvl, "timeout", rule->timeout, PFTM_MAX);
744 nvlist_add_number(nvl, "max_states", rule->max_states);
745 nvlist_add_number(nvl, "max_src_nodes", rule->max_src_nodes);
746 nvlist_add_number(nvl, "max_src_states", rule->max_src_states);
747 nvlist_add_number(nvl, "max_src_conn", rule->max_src_conn);
749 rule->max_src_conn_rate.limit);
751 rule->max_src_conn_rate.seconds);
752 nvlist_add_number(nvl, "qid", rule->qid);
753 nvlist_add_number(nvl, "pqid", rule->pqid);
754 nvlist_add_number(nvl, "prob", rule->prob);
755 nvlist_add_number(nvl, "cuid", rule->cuid);
756 nvlist_add_number(nvl, "cpid", rule->cpid);
759 counter_u64_fetch(rule->states_cur));
761 counter_u64_fetch(rule->states_tot));
763 counter_u64_fetch(rule->src_nodes));
765 nvlist_add_number(nvl, "return_icmp", rule->return_icmp);
766 nvlist_add_number(nvl, "return_icmp6", rule->return_icmp6);
768 nvlist_add_number(nvl, "max_mss", rule->max_mss);
769 nvlist_add_number(nvl, "scrub_flags", rule->scrub_flags);
771 tmp = pf_rule_uid_to_nvrule_uid(&rule->uid);
776 tmp = pf_rule_uid_to_nvrule_uid((const struct pf_rule_uid *)&rule->gid);
782 nvlist_add_number(nvl, "rule_flag", rule->rule_flag);
783 nvlist_add_number(nvl, "action", rule->action);
784 nvlist_add_number(nvl, "direction", rule->direction);
785 nvlist_add_number(nvl, "log", rule->log);
786 nvlist_add_number(nvl, "logif", rule->logif);
787 nvlist_add_number(nvl, "quick", rule->quick);
788 nvlist_add_number(nvl, "ifnot", rule->ifnot);
789 nvlist_add_number(nvl, "match_tag_not", rule->match_tag_not);
790 nvlist_add_number(nvl, "natpass", rule->natpass);
792 nvlist_add_number(nvl, "keep_state", rule->keep_state);
793 nvlist_add_number(nvl, "af", rule->af);
794 nvlist_add_number(nvl, "proto", rule->proto);
795 nvlist_add_number(nvl, "type", rule->type);
796 nvlist_add_number(nvl, "code", rule->code);
797 nvlist_add_number(nvl, "flags", rule->flags);
798 nvlist_add_number(nvl, "flagset", rule->flagset);
799 nvlist_add_number(nvl, "min_ttl", rule->min_ttl);
800 nvlist_add_number(nvl, "allow_opts", rule->allow_opts);
801 nvlist_add_number(nvl, "rt", rule->rt);
802 nvlist_add_number(nvl, "return_ttl", rule->return_ttl);
803 nvlist_add_number(nvl, "tos", rule->tos);
804 nvlist_add_number(nvl, "set_tos", rule->set_tos);
805 nvlist_add_number(nvl, "anchor_relative", rule->anchor_relative);
806 nvlist_add_number(nvl, "anchor_wildcard", rule->anchor_wildcard);
808 nvlist_add_number(nvl, "flush", rule->flush);
809 nvlist_add_number(nvl, "prio", rule->prio);
811 pf_uint8_array_nv(nvl, "set_prio", rule->set_prio, 2);
813 tmp = pf_divert_to_nvdivert(rule);
972 nvlist_add_number(nvl, "rule", s->rule.ptr ? s->rule.ptr->nr : -1);