According to pf(4) all of DIOCGETRULE, DIOCGETRULES and DIOCGETRULESET
return EINVAL if the specified anchor does not exist;  I double checked
pf_ioctl.c to verify.

This diff makes pfctl consistently use pfr_strerror() which now handles
EINVAL such that

        # pfctl -a nope -sr
        pfctl: DIOCGETRULES: Invalid argument
        # ./obj/pfctl -a nope -sr
        pfctl: Anchor does not exist

There are other occasions as well but those probably need additional
tweaks, so here's the first round.

Feedback? OK?


Index: pfctl.c
===================================================================
RCS file: /cvs/src/sbin/pfctl/pfctl.c,v
retrieving revision 1.379
diff -u -p -r1.379 pfctl.c
--- pfctl.c     15 Jan 2020 13:42:39 -0000      1.379
+++ pfctl.c     15 Jan 2020 19:20:57 -0000
@@ -863,7 +863,7 @@ pfctl_show_rules(int dev, char *path, in
        if (opts & PF_OPT_SHOWALL) {
                pr.rule.action = PF_PASS;
                if (ioctl(dev, DIOCGETRULES, &pr) == -1) {
-                       warn("DIOCGETRULES");
+                       warnx("%s", pfr_strerror(errno));
                        ret = -1;
                        goto error;
                }
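Review bot: The new `warnx("%s", pfr_strerror(errno))` drops the ioctl name from the diagnostic, so any errno that pfr_strerror() does not translate is reported without saying which request failed. For a firewall administration tool, that makes a permission or busy-state failure harder to tell apart from a ruleset problem when reading logs. Consider keeping the context, e.g. `warnx("DIOCGETRULES: %s", pfr_strerror(errno));`, or prefixing only when the error is not one of the translated ones. The same applies to the second DIOCGETRULES hunk, both DIOCGETRULESET `errx()` sites, and the two load_feedback_profile() hunks, where the DIOCGETRULE call was previously labelled DIOCGETRULES and now carries no label at all. pfctl_show_rules() starts and ends outside this hunk.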
@@ -878,7 +878,7 @@ pfctl_show_rules(int dev, char *path, in
 
        pr.rule.action = PF_PASS;
        if (ioctl(dev, DIOCGETRULES, &pr) == -1) {
-               warn("DIOCGETRULES");
+               warnx("%s", pfr_strerror(errno));
                ret = -1;
                goto error;
        }
@@ -979,7 +979,7 @@ pfctl_show_rules(int dev, char *path, in
                for (nr = 0; nr < mnr; ++nr) {
                        prs.nr = nr;
                        if (ioctl(dev, DIOCGETRULESET, &prs) == -1)
-                               err(1, "DIOCGETRULESET");
+                               errx(1, "%s", pfr_strerror(errno));
                        INDENT(depth, !(opts & PF_OPT_VERBOSE));
                        printf("anchor \"%s\" all {\n", prs.name);
                        pfctl_show_rules(dev, npath, opts,
@@ -2219,7 +2219,7 @@ pfctl_walk_anchors(int dev, int opts, co
 
                pr.nr = nr;
                if (ioctl(dev, DIOCGETRULESET, &pr) == -1)
-                       err(1, "DIOCGETRULESET");
+                       errx(1, "%s", pfr_strerror(errno));
                if (!strcmp(pr.name, PF_RESERVED_ANCHOR))
                        continue;
                sub[0] = '\0';
Index: pfctl_optimize.c
===================================================================
RCS file: /cvs/src/sbin/pfctl/pfctl_optimize.c,v
retrieving revision 1.43
diff -u -p -r1.43 pfctl_optimize.c
--- pfctl_optimize.c    12 Dec 2019 21:00:51 -0000      1.43
+++ pfctl_optimize.c    15 Jan 2020 19:20:54 -0000
@@ -873,7 +873,7 @@ load_feedback_profile(struct pfctl *pf, 
        memset(&pr, 0, sizeof(pr));
        pr.rule.action = PF_PASS;
        if (ioctl(pf->dev, DIOCGETRULES, &pr) == -1) {
-               warn("DIOCGETRULES");
+               warnx("%s", pfr_strerror(errno));
                return (1);
        }
        mnr = pr.nr;
@@ -887,7 +887,7 @@ load_feedback_profile(struct pfctl *pf, 
                }
                pr.nr = nr;
                if (ioctl(pf->dev, DIOCGETRULE, &pr) == -1) {
-                       warn("DIOCGETRULES");
+                       warnx("%s", pfr_strerror(errno));
                        free(por);
                        return (1);
                }
Index: pfctl_radix.c
===================================================================
RCS file: /cvs/src/sbin/pfctl/pfctl_radix.c,v
retrieving revision 1.36
diff -u -p -r1.36 pfctl_radix.c
--- pfctl_radix.c       15 Jan 2020 16:15:08 -0000      1.36
+++ pfctl_radix.c       15 Jan 2020 19:20:54 -0000
@@ -567,6 +567,7 @@ pfr_strerror(int errnum)
        switch (errnum) {
        case ESRCH:
                return "Table does not exist";
+       case EINVAL:
        case ENOENT:
                return "Anchor does not exist";
        default:
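Review bot: Adding `case EINVAL:` maps every EINVAL passed to pfr_strerror() to "Anchor does not exist", not only those returned by DIOCGETRULE, DIOCGETRULES and DIOCGETRULESET. EINVAL is a generic errno, and if other callers can receive it for a malformed request, an operator would be told an anchor is missing when the fault is elsewhere. The function name suggests the table code in this file is such a caller, but it is not shown here. One option is to leave this switch unchanged and translate EINVAL only at the anchor call sites. At minimum, a comment above the new case such as `/* pf(4): DIOCGETRULE, DIOCGETRULES and DIOCGETRULESET return EINVAL for a missing anchor */` would record why it is there. The rest of pfr_strerror(), including the body of the default branch, lies outside the hunk.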
