/*
 * npfctl_getconf: copy the core configuration dictionary out to the
 * ioctl caller, after recording the current "active" state in it.
 *
 * => 'data' is interpreted as a struct plistref; 'cmd' and the plistref
 *    are handed unchanged to prop_dictionary_copyout_ioctl().
 * => Returns whatever the copy-out returns.
 *
 * NOTE(review): no permission check is made in this function; the
 * ioctl dispatcher presumably authorises the caller -- confirm.
 */
int
npfctl_getconf(u_long cmd, void *data)
{
	struct plistref *plref = data;
	prop_dictionary_t core_dict;
	int ret;

	npf_core_enter();

	/*
	 * The "active" flag is written into the dictionary returned by
	 * npf_core_dict() itself, not into a copy, so this update and the
	 * copy-out both happen inside the npf_core_enter()/npf_core_exit()
	 * bracket.  The result of the set is not checked.
	 */
	core_dict = npf_core_dict();
	prop_dictionary_set_bool(core_dict, "active", npf_pfil_registered_p());
	ret = prop_dictionary_copyout_ioctl(plref, cmd, core_dict);

	npf_core_exit();

	return ret;
}
/*
 * npfctl_save: export the configuration as a dictionary and copy it out
 * to the ioctl caller.  The dictionary carries the NPF version, the ALG
 * list, the rules, the NAT policies, the tables, the rule procedures and
 * a snapshot of the connections, plus an "active" flag taken from
 * npf_pfil_registered_p().
 *
 * => 'data' is interpreted as a struct plistref.
 * => Returns the first non-zero export error, otherwise the result of
 *    prop_dictionary_copyout_ioctl().
 *
 * NOTE(review): the exported data includes live connection state, and
 * no permission check is made in this function; the ioctl dispatcher
 * presumably authorises the caller -- confirm.
 *
 * NOTE(review): the results of prop_array_create(),
 * prop_dictionary_create() and the prop_dictionary_set_*() calls are
 * not checked.  A failed set would leave the exported dictionary
 * incomplete without reporting an error -- confirm that these cannot
 * fail in this context.
 */
int
npfctl_save(u_long cmd, void *data)
{
	struct plistref *plref = data;
	prop_array_t rules, nat, tbls, procs, conns, algs;
	prop_dictionary_t dict = NULL;
	int error;

	rules = prop_array_create();
	nat = prop_array_create();
	tbls = prop_array_create();
	procs = prop_array_create();
	conns = prop_array_create();

	/*
	 * Everything is serialised between npf_config_enter() and
	 * npf_config_exit().  Any export failure abandons the operation
	 * before the dictionary is created.
	 */
	npf_config_enter();

	if ((error = npf_conndb_export(conns)) != 0) {
		goto out;
	}
	if ((error = npf_ruleset_export(npf_config_ruleset(), rules)) != 0) {
		goto out;
	}
	if ((error = npf_ruleset_export(npf_config_natset(), nat)) != 0) {
		goto out;
	}
	if ((error = npf_tableset_export(npf_config_tableset(), tbls)) != 0) {
		goto out;
	}
	if ((error = npf_rprocset_export(npf_config_rprocs(), procs)) != 0) {
		goto out;
	}

	algs = npf_alg_export();

	/*
	 * Assemble the dictionary.  Each array is attached with the
	 * "_and_rel" setter; from here on the cleanup below releases only
	 * the dictionary and never the individual arrays.
	 */
	dict = prop_dictionary_create();
	prop_dictionary_set_uint32(dict, "version", NPF_VERSION);
	prop_dictionary_set_and_rel(dict, "algs", algs);
	prop_dictionary_set_and_rel(dict, "rules", rules);
	prop_dictionary_set_and_rel(dict, "nat", nat);
	prop_dictionary_set_and_rel(dict, "tables", tbls);
	prop_dictionary_set_and_rel(dict, "rprocs", procs);
	prop_dictionary_set_and_rel(dict, "conn-list", conns);
	prop_dictionary_set_bool(dict, "active", npf_pfil_registered_p());

	error = prop_dictionary_copyout_ioctl(plref, cmd, dict);
out:
	npf_config_exit();

	if (dict != NULL) {
		/* The dictionary was built: release it alone. */
		prop_object_release(dict);
		return error;
	}

	/* An export failed before the dictionary existed: drop each array. */
	prop_object_release(rules);
	prop_object_release(nat);
	prop_object_release(tbls);
	prop_object_release(procs);
	prop_object_release(conns);
	return error;
}
/*
 * npf_autounload_p: predicate which is true only when
 * npf_pfil_registered_p() is false and npf_default_pass() is true.
 *
 * => npf_default_pass() is not consulted while
 *    npf_pfil_registered_p() is true.
 *
 * NOTE(review): presumably used to decide whether the module may be
 * auto-unloaded -- confirm against the callers.
 */
bool
npf_autounload_p(void)
{
	if (npf_pfil_registered_p()) {
		return false;
	}
	return npf_default_pass();
}