On Fri, Aug 08, 2003 at 05:15:16PM -0400, Jonathan S. Keim wrote: > Has anyone used the pf(4) DIOCCHANGEADDR ioctl(2) in 3.3-stable or > -current that might have some example code for how it's meant to be > used? I've been beating my head against it for a whole day and all I'm > getting is a bruise on my forehead.
I just checked, and it looks like that ioctl is just broken (the kernel compares a ticket, but not the one you supply, but constant 0, which never matches, resulting in EBUSY). I'm going to fix it (will require a kernel patch, probably will end up in -stable), but depending on what you wanted to do with the ioctl, there's alternatives: DIOCCHANGEADDR is meant to manipulate the pool addresses of a rule, depending on the rule type that's rdr ... -> { a, b, c } ... nat ... -> { a, b, c } ... pass route-to { a, b, c } ... There's at most one pool in any rule, for rdr/nat it's the redirection address (if it's a pool), and for filter rules, only route-to/reply-to/ dup-to can be pools. To change other rule addresses, like rdr from a to b -> ... nat from a to b -> ... pass from a to b ... you'd have to use DIOCCHANGERULE instead, anyway. So, do you really want to change a pool address? If that's the case, we'll have to fix the ioctl first. Otherwise I can supply an example for DIOCCHANGERULE. Tell me what you want to do. Daniel