hardenedbsd/HardenedBSD
1
0
Fork 0
mirror of https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git synced 2024-11-27 03:11:52 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add ipfw table all destroy support.

Browse Source 
PR:		212669
MFC after:	1 week
This commit is contained in:
Andrey V. Elsukov 2017-05-02 17:16:24 +00:00
parent 6554316cdc
commit 421c583873
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=317682
2 changed files with 37 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
sbin/ipfw/ipfw.8
View File

@ -50,7 +50,9 @@ in-kernel NAT.
.Nm
.Oo Cm set Ar N Oc Cm table Ar name Cm create Ar create-options
.Nm
.Oo Cm set Ar N Oc Cm table Ar name Cm destroy
.Oo Cm set Ar N Oc Cm table
.Brq Ar name | all
.Cm destroy
.Nm
.Oo Cm set Ar N Oc Cm table Ar name Cm modify Ar modify-options
.Nm

42
sbin/ipfw/tables.c
View File

@ -54,6 +54,7 @@ static int table_swap(ipfw_obj_header *oh, char *second);
static int table_get_info(ipfw_obj_header *oh, ipfw_xtable_info *i);
static int table_show_info(ipfw_xtable_info *i, void *arg);
static int table_destroy_one(ipfw_xtable_info *i, void *arg);
static int table_flush_one(ipfw_xtable_info *i, void *arg);
static int table_show_one(ipfw_xtable_info *i, void *arg);
static int table_do_get_list(ipfw_xtable_info *i, ipfw_obj_header **poh);
@ -132,7 +133,7 @@ lookup_host (char *host, struct in_addr *ipaddr)
* This one handles all table-related commands
* ipfw table NAME create ...
* ipfw table NAME modify ...
* ipfw table NAME destroy
* ipfw table {NAME | all} destroy
* ipfw table NAME swap NAME
* ipfw table NAME lock
* ipfw table NAME unlock
@ -200,6 +201,7 @@ ipfw_table_handler(int ac, char *av[])
case TOK_INFO:
case TOK_DETAIL:
case TOK_FLUSH:
case TOK_DESTROY:
break;
default:
if (is_all != 0)
@ -223,13 +225,21 @@ ipfw_table_handler(int ac, char *av[])
table_modify(&oh, ac, av);
break;
case TOK_DESTROY:
if (table_destroy(&oh) == 0)
break;
if (errno != ESRCH)
err(EX_OSERR, "failed to destroy table %s", tablename);
/* ESRCH isn't fatal, warn if not quiet mode */
if (co.do_quiet == 0)
warn("failed to destroy table %s", tablename);
if (is_all == 0) {
if (table_destroy(&oh) == 0)
break;
if (errno != ESRCH)
err(EX_OSERR, "failed to destroy table %s",
tablename);
/* ESRCH isn't fatal, warn if not quiet mode */
if (co.do_quiet == 0)
warn("failed to destroy table %s", tablename);
} else {
error = tables_foreach(table_destroy_one, &oh, 1);
if (error != 0)
err(EX_OSERR,
"failed to destroy tables list");
}
break;
case TOK_FLUSH:
if (is_all == 0) {
@ -567,6 +577,22 @@ table_destroy(ipfw_obj_header *oh)
return (0);
}
static int
table_destroy_one(ipfw_xtable_info *i, void *arg)
{
ipfw_obj_header *oh;
oh = (ipfw_obj_header *)arg;
table_fill_ntlv(&oh->ntlv, i->tablename, i->set, 1);
if (table_destroy(oh) != 0) {
if (co.do_quiet == 0)
warn("failed to destroy table(%s) in set %u",
i->tablename, i->set);
return (-1);
}
return (0);
}
/*
* Flushes given table specified by @oh->ntlv.
* Returns 0 on success.