Diffusion FreeBSD src repository 324fd7ec4043

libpfctl: introduce a handle-enabled variant of pfctl_add_rule()
324fd7ec4043
Actions

Description

libpfctl: introduce a handle-enabled variant of pfctl_add_rule()

Introduce pfctl_add_rule_h(), which takes a pfctl_handle rather than a
file descriptor (which it didn't use). This means that library users can
open the handle while they're running as root, but later drop privileges
and still add rules to pf.

Sponsored by: Rubicon Communications, LLC ("Netgate")

Details

Provenance

kp	Authored on Jan 4 2024, 12:45 PM

Parents

rG66cacc141d37: libpfctl: introduce pfctl_handle

Branches

Unknown

Tags

Unknown

Event Timeline

kp committed rG324fd7ec4043: libpfctl: introduce a handle-enabled variant of pfctl_add_rule() (authored by kp).Jan 4 2024, 10:10 PM

Changes (4)

Path

Size

contrib/

pf/

ftp-proxy/

filter.c

tftp-proxy/

filter.c

lib/

libpfctl/

libpfctl.c

libpfctl.h

rG324fd7ec4043

View Options

contrib/pf/ftp-proxy/filter.c

View Options

contrib/pf/tftp-proxy/filter.c

View Options

lib/libpfctl/libpfctl.c

View Options

libpfctl: introduce a handle-enabled variant of pfctl_add_rule()324fd7ec4043Actions

Description

Details

Event Timeline

Changes (4)

rG324fd7ec4043

contrib/pf/ftp-proxy/filter.c

contrib/pf/tftp-proxy/filter.c

lib/libpfctl/libpfctl.c

lib/libpfctl/libpfctl.h

libpfctl: introduce a handle-enabled variant of pfctl_add_rule()
324fd7ec4043
Actions