pfctl: Make most global variables static.

This will make it easier to link as a library. Submitted by: Christian Mauderer <christian.mauderer@embedded-brains.de>
2026-06-10 17:22:46 -04:00 · 2016-08-04 19:24:44 +00:00 · 2016-08-04 19:24:44 +00:00 · 13cfafabf4
commit 13cfafabf4
parent 233e1432b7
6 changed files with 51 additions and 50 deletions
--- a/sbin/pfctl/parse.y
+++ b/sbin/pfctl/parse.y
@ -80,7 +80,7 @@ static int		 blockpolicy = PFRULE_DROP;
 static int		 require_order = 1;
 static int		 default_statelock;

-TAILQ_HEAD(files, file)		 files = TAILQ_HEAD_INITIALIZER(files);
+static TAILQ_HEAD(files, file)	 files = TAILQ_HEAD_INITIALIZER(files);
 static struct file {
 	TAILQ_ENTRY(file)	 entry;
 	FILE			*stream;
@ -100,7 +100,7 @@ int		 lgetc(int);
 int		 lungetc(int);
 int		 findeol(void);

-TAILQ_HEAD(symhead, sym)	 symhead = TAILQ_HEAD_INITIALIZER(symhead);
+static TAILQ_HEAD(symhead, sym)	 symhead = TAILQ_HEAD_INITIALIZER(symhead);
 struct sym {
 	TAILQ_ENTRY(sym)	 entry;
 	int			 used;
@ -196,7 +196,7 @@ struct peer {
 	struct node_port	*port;
 };

-struct node_queue {
+static struct node_queue {
 	char			 queue[PF_QNAME_SIZE];
 	char			 parent[PF_QNAME_SIZE];
 	char			 ifname[IFNAMSIZ];
@ -210,7 +210,7 @@ struct node_qassign {
 	char		*pqname;
 };

-struct filter_opts {
+static struct filter_opts {
 	int			 marker;
 #define FOM_FLAGS	0x01
 #define FOM_ICMP	0x02
@ -250,12 +250,12 @@ struct filter_opts {
 	}			 divert;
 } filter_opts;

-struct antispoof_opts {
+static struct antispoof_opts {
 	char			*label;
 	u_int			 rtableid;
 } antispoof_opts;

-struct scrub_opts {
+static struct scrub_opts {
 	int			 marker;
 #define SOM_MINTTL	0x01
 #define SOM_MAXMSS	0x02
@ -273,7 +273,7 @@ struct scrub_opts {
 	u_int			 rtableid;
 } scrub_opts;

-struct queue_opts {
+static struct queue_opts {
 	int			marker;
 #define QOM_BWSPEC	0x01
 #define QOM_SCHEDULER	0x02
@ -287,13 +287,13 @@ struct queue_opts {
 	int			qlimit;
 } queue_opts;

-struct table_opts {
+static struct table_opts {
 	int			flags;
 	int			init_addr;
 	struct node_tinithead	init_nodes;
 } table_opts;

-struct pool_opts {
+static struct pool_opts {
 	int			 marker;
 #define POM_TYPE		0x01
 #define POM_STICKYADDRESS	0x02
@ -304,10 +304,10 @@ struct pool_opts {

 } pool_opts;

-struct codel_opts	 codel_opts;
-struct node_hfsc_opts	 hfsc_opts;
-struct node_fairq_opts	 fairq_opts;
-struct node_state_opt	*keep_state_defaults = NULL;
+static struct codel_opts	 codel_opts;
+static struct node_hfsc_opts	 hfsc_opts;
+static struct node_fairq_opts	 fairq_opts;
+static struct node_state_opt	*keep_state_defaults = NULL;

 int		 disallow_table(struct node_host *, const char *);
 int		 disallow_urpf_failed(struct node_host *, const char *);
@ -352,7 +352,7 @@ void	 remove_invalid_hosts(struct node_host **, sa_family_t *);
 int	 invalid_redirect(struct node_host *, sa_family_t);
 u_int16_t parseicmpspec(char *, sa_family_t);

-TAILQ_HEAD(loadanchorshead, loadanchors)
+static TAILQ_HEAD(loadanchorshead, loadanchors)
    loadanchorshead = TAILQ_HEAD_INITIALIZER(loadanchorshead);

 struct loadanchors {
@ -5572,10 +5572,10 @@ lookup(char *s)

 #define MAXPUSHBACK	128

-char	*parsebuf;
-int	 parseindex;
-char	 pushback_buffer[MAXPUSHBACK];
-int	 pushback_index = 0;
+static char	*parsebuf;
+static int	 parseindex;
+static char	 pushback_buffer[MAXPUSHBACK];
+static int	 pushback_index = 0;

 int
 lgetc(int quotec)
--- a/sbin/pfctl/pfctl.c
+++ b/sbin/pfctl/pfctl.c
@ -102,29 +102,29 @@ int	 pfctl_load_ruleset(struct pfctl *, char *,
 int	 pfctl_load_rule(struct pfctl *, char *, struct pf_rule *, int);
 const char	*pfctl_lookup_option(char *, const char * const *);

-struct pf_anchor_global	 pf_anchors;
-struct pf_anchor	 pf_main_anchor;
+static struct pf_anchor_global	 pf_anchors;
+static struct pf_anchor	 pf_main_anchor;

-const char	*clearopt;
-char		*rulesopt;
-const char	*showopt;
-const char	*debugopt;
-char		*anchoropt;
-const char	*optiopt = NULL;
-const char	*pf_device = "/dev/pf";
-char		*ifaceopt;
-char		*tableopt;
-const char	*tblcmdopt;
-int		 src_node_killers;
-char		*src_node_kill[2];
-int		 state_killers;
-char		*state_kill[2];
-int		 loadopt;
-int		 altqsupport;
+static const char	*clearopt;
+static char		*rulesopt;
+static const char	*showopt;
+static const char	*debugopt;
+static char		*anchoropt;
+static const char	*optiopt = NULL;
+static const char	*pf_device = "/dev/pf";
+static char		*ifaceopt;
+static char		*tableopt;
+static const char	*tblcmdopt;
+static int		 src_node_killers;
+static char		*src_node_kill[2];
+static int		 state_killers;
+static char		*state_kill[2];
+int			 loadopt;
+int			 altqsupport;

-int		 dev = -1;
-int		 first_title = 1;
-int		 labels = 0;
+int			 dev = -1;
+static int		 first_title = 1;
+static int		 labels = 0;

 #define INDENT(d, o)	do {						\
 				if (o) {				\
--- a/sbin/pfctl/pfctl_altq.c
+++ b/sbin/pfctl/pfctl_altq.c
@ -50,8 +50,8 @@ __FBSDID("$FreeBSD$");

 #define is_sc_null(sc)	(((sc) == NULL) || ((sc)->m1 == 0 && (sc)->m2 == 0))

-TAILQ_HEAD(altqs, pf_altq) altqs = TAILQ_HEAD_INITIALIZER(altqs);
-LIST_HEAD(gen_sc, segment) rtsc, lssc;
+static TAILQ_HEAD(altqs, pf_altq) altqs = TAILQ_HEAD_INITIALIZER(altqs);
+static LIST_HEAD(gen_sc, segment) rtsc, lssc;

 struct pf_altq	*qname_to_pfaltq(const char *, const char *);
 u_int32_t	 qname_to_qid(const char *);
--- a/sbin/pfctl/pfctl_optimize.c
+++ b/sbin/pfctl/pfctl_optimize.c
@ -90,7 +90,7 @@ enum {
    COMBINED,	/* the field may itself be combined with other rules */
    DC,		/* we just don't care about the field */
    NEVER};	/* we should never see this field set?!? */
-struct pf_rule_field {
+static struct pf_rule_field {
 	const char	*prf_name;
 	int		 prf_type;
 	size_t		 prf_offset;
@ -242,8 +242,9 @@ int	superblock_inclusive(struct superblock *, struct pf_opt_rule *);
 void	superblock_free(struct pfctl *, struct superblock *);


-int (*skip_comparitors[PF_SKIP_COUNT])(struct pf_rule *, struct pf_rule *);
-const char *skip_comparitors_names[PF_SKIP_COUNT];
+static int (*skip_comparitors[PF_SKIP_COUNT])(struct pf_rule *,
+    struct pf_rule *);
+static const char *skip_comparitors_names[PF_SKIP_COUNT];
 #define PF_SKIP_COMPARITORS {				\
    { "ifp", PF_SKIP_IFP, skip_cmp_ifp },		\
    { "dir", PF_SKIP_DIR, skip_cmp_dir },		\
@ -255,8 +256,8 @@ const char *skip_comparitors_names[PF_SKIP_COUNT];
    { "dport", PF_SKIP_DST_PORT, skip_cmp_dst_port }	\
 }

-struct pfr_buffer table_buffer;
-int table_identifier;
+static struct pfr_buffer table_buffer;
+static int table_identifier;


 int
--- a/sbin/pfctl/pfctl_osfp.c
+++ b/sbin/pfctl/pfctl_osfp.c
@ -67,9 +67,9 @@ struct name_entry {
 	struct name_list	nm_sublist;
 	int			nm_sublist_num;
 };
-struct name_list classes = LIST_HEAD_INITIALIZER(&classes);
-int class_count;
-int fingerprint_count;
+static struct name_list classes = LIST_HEAD_INITIALIZER(&classes);
+static int class_count;
+static int fingerprint_count;

 void			 add_fingerprint(int, int, struct pf_osfp_ioctl *);
 struct name_entry	*fingerprint_name_entry(struct name_list *, char *);
--- a/sbin/pfctl/pfctl_parser.c
+++ b/sbin/pfctl/pfctl_parser.c
@ -1147,7 +1147,7 @@ check_netmask(struct node_host *h, sa_family_t af)

 /* interface lookup routines */

-struct node_host	*iftab;
+static struct node_host	*iftab;

 void
 ifa_load(void)