netpfil: add PF netlink command decoding support

Convert PFNL_CMD values in pf_nl.h from an enum to #define constants,
add a pfnl_cmd table definition for mktable, and implement the
corresponding command decoding helpers in libsysdecode.

This allows mktable to generate PF netlink command lookup tables and
enables symbolic decoding of PF netlink commands.

Reviewed by:	kp
Signed-off-by:	Ishan Agrawal <iagrawal9990@gmail.com>
Sponsored by:	Google LLC (GSoC 2026)
This commit is contained in:
Ishan Agrawal
2026-06-01 17:54:05 +05:30
committed by Kristof Provost
parent 309fc9f765
commit 017690e509
4 changed files with 61 additions and 52 deletions
+8
View File
@@ -69,6 +69,7 @@
#include <netgraph/bluetooth/include/ng_hci.h>
#include <netgraph/bluetooth/include/ng_l2cap.h>
#include <netgraph/bluetooth/include/ng_btsocket.h>
#include <netpfil/pf/pf_nl.h>
#include "support.h"
@@ -1207,3 +1208,10 @@ sysdecode_itimer(int which)
return (lookup_value(itimerwhich, which));
}
const char *
sysdecode_pfnl_cmd(int cmd)
{
return (lookup_value(pfnl_cmd, cmd));
}
+1
View File
@@ -170,6 +170,7 @@ else
fi
gen_table "shmflags" "SHM_[A-Z_]+[[:space:]]+0x[0-9]+" "sys/mman.h" "SHM_ANON"
gen_table "itimerwhich" "ITIMER_[A-Z]+[[:space:]]+[0-9]+" "sys/time.h"
gen_table "pfnl_cmd" "PFNL_CMD_[A-Z_]+[[:space:]]+[0-9]+" "netpfil/pf/pf_nl.h"
# Generate a .depend file for our output file
if [ -n "$output_file" ]; then
+1
View File
@@ -66,6 +66,7 @@ const char *sysdecode_ipproto(int _protocol);
void sysdecode_kevent_fflags(FILE *_fp, short _filter, int _fflags,
int _base);
const char *sysdecode_itimer(int _which);
const char *sysdecode_pfnl_cmd(int cmd);
const char *sysdecode_kevent_filter(int _filter);
bool sysdecode_kevent_flags(FILE *_fp, int _flags, int *_rem);
const char *sysdecode_kldsym_cmd(int _cmd);
+51 -52
View File
@@ -34,58 +34,57 @@
#define PFNL_FAMILY_NAME "pfctl"
/* available commands */
enum {
PFNL_CMD_UNSPEC = 0,
PFNL_CMD_GETSTATES = 1,
PFNL_CMD_GETCREATORS = 2,
PFNL_CMD_START = 3,
PFNL_CMD_STOP = 4,
PFNL_CMD_ADDRULE = 5,
PFNL_CMD_GETRULES = 6,
PFNL_CMD_GETRULE = 7,
PFNL_CMD_CLRSTATES = 8,
PFNL_CMD_KILLSTATES = 9,
PFNL_CMD_SET_STATUSIF = 10,
PFNL_CMD_GET_STATUS = 11,
PFNL_CMD_CLEAR_STATUS = 12,
PFNL_CMD_NATLOOK = 13,
PFNL_CMD_SET_DEBUG = 14,
PFNL_CMD_SET_TIMEOUT = 15,
PFNL_CMD_GET_TIMEOUT = 16,
PFNL_CMD_SET_LIMIT = 17,
PFNL_CMD_GET_LIMIT = 18,
PFNL_CMD_BEGIN_ADDRS = 19,
PFNL_CMD_ADD_ADDR = 20,
PFNL_CMD_GET_ADDRS = 21,
PFNL_CMD_GET_ADDR = 22,
PFNL_CMD_GET_RULESETS = 23,
PFNL_CMD_GET_RULESET = 24,
PFNL_CMD_GET_SRCNODES = 25,
PFNL_CMD_CLEAR_TABLES = 26,
PFNL_CMD_ADD_TABLE = 27,
PFNL_CMD_DEL_TABLE = 28,
PFNL_CMD_GET_TSTATS = 29,
PFNL_CMD_CLR_TSTATS = 30,
PFNL_CMD_CLR_ADDRS = 31,
PFNL_CMD_TABLE_ADD_ADDR = 32,
PFNL_CMD_TABLE_DEL_ADDR = 33,
PFNL_CMD_TABLE_SET_ADDR = 34,
PFNL_CMD_TABLE_GET_ADDR = 35,
PFNL_CMD_TABLE_GET_ASTATS = 36,
PFNL_CMD_TABLE_CLEAR_ASTATS = 37,
PFNL_CMD_STATE_LIMITER_ADD = 38,
PFNL_CMD_STATE_LIMITER_GET = 39,
PFNL_CMD_STATE_LIMITER_NGET = 40,
PFNL_CMD_SOURCE_LIMITER_ADD = 41,
PFNL_CMD_SOURCE_LIMITER_GET = 42,
PFNL_CMD_SOURCE_LIMITER_NGET = 43,
PFNL_CMD_SOURCE_GET = 44,
PFNL_CMD_SOURCE_NGET = 45,
PFNL_CMD_SOURCE_CLEAR = 46,
PFNL_CMD_TABLE_TEST_ADDRS = 47,
__PFNL_CMD_MAX,
};
#define PFNL_CMD_MAX (__PFNL_CMD_MAX -1)
#define PFNL_CMD_UNSPEC 0
#define PFNL_CMD_GETSTATES 1
#define PFNL_CMD_GETCREATORS 2
#define PFNL_CMD_START 3
#define PFNL_CMD_STOP 4
#define PFNL_CMD_ADDRULE 5
#define PFNL_CMD_GETRULES 6
#define PFNL_CMD_GETRULE 7
#define PFNL_CMD_CLRSTATES 8
#define PFNL_CMD_KILLSTATES 9
#define PFNL_CMD_SET_STATUSIF 10
#define PFNL_CMD_GET_STATUS 11
#define PFNL_CMD_CLEAR_STATUS 12
#define PFNL_CMD_NATLOOK 13
#define PFNL_CMD_SET_DEBUG 14
#define PFNL_CMD_SET_TIMEOUT 15
#define PFNL_CMD_GET_TIMEOUT 16
#define PFNL_CMD_SET_LIMIT 17
#define PFNL_CMD_GET_LIMIT 18
#define PFNL_CMD_BEGIN_ADDRS 19
#define PFNL_CMD_ADD_ADDR 20
#define PFNL_CMD_GET_ADDRS 21
#define PFNL_CMD_GET_ADDR 22
#define PFNL_CMD_GET_RULESETS 23
#define PFNL_CMD_GET_RULESET 24
#define PFNL_CMD_GET_SRCNODES 25
#define PFNL_CMD_CLEAR_TABLES 26
#define PFNL_CMD_ADD_TABLE 27
#define PFNL_CMD_DEL_TABLE 28
#define PFNL_CMD_GET_TSTATS 29
#define PFNL_CMD_CLR_TSTATS 30
#define PFNL_CMD_CLR_ADDRS 31
#define PFNL_CMD_TABLE_ADD_ADDR 32
#define PFNL_CMD_TABLE_DEL_ADDR 33
#define PFNL_CMD_TABLE_SET_ADDR 34
#define PFNL_CMD_TABLE_GET_ADDR 35
#define PFNL_CMD_TABLE_GET_ASTATS 36
#define PFNL_CMD_TABLE_CLEAR_ASTATS 37
#define PFNL_CMD_STATE_LIMITER_ADD 38
#define PFNL_CMD_STATE_LIMITER_GET 39
#define PFNL_CMD_STATE_LIMITER_NGET 40
#define PFNL_CMD_SOURCE_LIMITER_ADD 41
#define PFNL_CMD_SOURCE_LIMITER_GET 42
#define PFNL_CMD_SOURCE_LIMITER_NGET 43
#define PFNL_CMD_SOURCE_GET 44
#define PFNL_CMD_SOURCE_NGET 45
#define PFNL_CMD_SOURCE_CLEAR 46
#define PFNL_CMD_TABLE_TEST_ADDRS 47
#define __PFNL_CMD_MAX 48
#define PFNL_CMD_MAX (__PFNL_CMD_MAX - 1)
enum pfstate_key_type_t {
PF_STK_UNSPEC,