On Fri, Aug 08, 2003 at 05:15:16PM -0400, Jonathan S. Keim wrote:

> Has anyone used the pf(4) DIOCCHANGEADDR ioctl(2) in 3.3-stable or
> -current that might have some example code for how it's meant to be
> used?  I've been beating my head against it for a whole day and all I'm
> getting is a bruise on my forehead.

I just checked, and it looks like that ioctl is just broken (the kernel
compares a ticket, but not the one you supply, but constant 0, which
never matches, resulting in EBUSY).

I'm going to fix it (will require a kernel patch, probably will end up
in -stable), but depending on what you wanted to do with the ioctl,
there are alternatives:

DIOCCHANGEADDR is meant to manipulate the pool addresses of a rule,
depending on the rule type that's

  rdr ... -> { a, b, c } ...
  nat ... -> { a, b, c } ...
  pass route-to { a, b, c } ...

There's at most one pool in any rule, for rdr/nat it's the redirection
address (if it's a pool), and for filter rules, only route-to/reply-to/
dup-to can be pools.

To change other rule addresses, like

  rdr from a to b -> ...
  nat from a to b -> ...
  pass from a to b ...

you'd have to use DIOCCHANGERULE instead, anyway.

So, do you really want to change a pool address? If that's the case,
we'll have to fix the ioctl first. Otherwise I can supply an example for
DIOCCHANGERULE. Tell me what you want to do.

Daniel
