Hi, I'm currently trying to write a patch to the pf-mib that will
add support for labels. There will be quite some code borrowed from
pfctl.c, especially the pfctl_show_rules() function. However, in that
function, the following code shows up right after fetching a rule
using DIOCGETRULE:

(line 652 in rev 1.244)
if (pfctl_get_pool(dev, &pr.rule.rpool,
                nr, pr.ticket, PF_SCRUB, anchorname) != 0)
        return (-1);

What exactly does pfctl_get_pool() do, and why is it there? I did not
get much smarter by looking at the function and trying to figure out
what it does. It runs DIOCGETADDRS to get the ticket, and then
DIOCGETADDR, both of which can fail (for reasons I'm unable to figure
out).

Some clarification would be great. Thanks.

sven
