On Sun, Nov 08, 2015 at 01:18:22PM +0100, Alexander Bluhm wrote: > On Sun, Nov 08, 2015 at 02:37:58AM +0100, Alexander Bluhm wrote: > > > + for (i = 0; (i < size) && (rv == 0); i++) { > > > > rv is unitialized in the first interation > > > > > + io.pfrio_buffer = addr++; > > > + rv = ioctl(dev, DIOCRADDADDR, &io); > > > > I would suggest to return (-1) if ioctl fails... > > > > > + add++; > > > + } > > To keep the illusion of an atomic operation, we could remove the > addresses we just added before the one add failed. >
actually pfctl_radix.c is just tip of the iceberg, there are other tools than pfctl, which manipulate with PF-tables: authpf bgpd pfutils The more I'm thinking about s/SIOCADDADDRS/SIOCADDADDR the less I like it. I feel good about s/pfr_add_addrs/pfr_add_addr. The pfr_add_addr() should be a back end for SIOCADDADDRS ioctl operation, which I think should go back. The ioctl in kernel will iterate over the array of addresses coming from userland. It seems to me as more convenient approach. I'm working on prototype, I hope I'll send updated patches soon. thanks and regards sasha