690 	struct pf_ruleset       *ruleset;  in pf_get_pool()  local
695 	ruleset = pf_find_ruleset(anchor);  in pf_get_pool()
696 	if (ruleset == NULL) {  in pf_get_pool()
705 		    ruleset->rules[rs_num].active.ticket) {  in pf_get_pool()
709 			rule = TAILQ_LAST(ruleset->rules[rs_num].active.ptr,  in pf_get_pool()
712 			rule = TAILQ_FIRST(ruleset->rules[rs_num].active.ptr);  in pf_get_pool()
716 		    ruleset->rules[rs_num].inactive.ticket) {  in pf_get_pool()
720 			rule = TAILQ_LAST(ruleset->rules[rs_num].inactive.ptr,  in pf_get_pool()
723 			rule = TAILQ_FIRST(ruleset->rules[rs_num].inactive.ptr);  in pf_get_pool()
738 	if (ruleset) {  in pf_get_pool()
739 		pf_release_ruleset(ruleset);  in pf_get_pool()
740 		ruleset = NULL;  in pf_get_pool()
1807 		struct pf_ruleset       *ruleset = &pf_main_ruleset;  in pfioctl()  local
1811 		    ruleset->rules[PF_RULESET_FILTER].active.ptr, entries) {  in pfioctl()
2497 pf_delete_rule_from_ruleset(struct pf_ruleset *ruleset, int rs_num,  in pf_delete_rule_from_ruleset()  argument
2505 	pf_rm_rule(ruleset->rules[rs_num].active.ptr, rule);  in pf_delete_rule_from_ruleset()
2506 	if (ruleset->rules[rs_num].active.rcount-- == 0) {  in pf_delete_rule_from_ruleset()
2509 	r = TAILQ_FIRST(ruleset->rules[rs_num].active.ptr);  in pf_delete_rule_from_ruleset()
2519 pf_ruleset_cleanup(struct pf_ruleset *ruleset, int rs)  in pf_ruleset_cleanup()  argument
2521 	pf_calc_skip_steps(ruleset->rules[rs].active.ptr);  in pf_ruleset_cleanup()
2522 	ruleset->rules[rs].active.ticket =  in pf_ruleset_cleanup()
2523 	    ++ruleset->rules[rs].inactive.ticket;  in pf_ruleset_cleanup()
2533 	struct pf_ruleset       *ruleset;  in pf_delete_rule_by_ticket()  local
2540 	if ((ruleset = pf_find_ruleset_with_owner(pr->anchor,  in pf_delete_rule_by_ticket()
2546 		rule = TAILQ_FIRST(ruleset->rules[i].active.ptr);  in pf_delete_rule_by_ticket()
2564 	if (rule->anchor && (ruleset != &pf_main_ruleset) &&  in pf_delete_rule_by_ticket()
2565 	    ((strcmp(ruleset->anchor->owner, "")) == 0) &&  in pf_delete_rule_by_ticket()
2566 	    ((ruleset->rules[i].active.rcount - 1) == 0)) {  in pf_delete_rule_by_ticket()
2569 		struct pf_ruleset *delete_ruleset = ruleset;  in pf_delete_rule_by_ticket()
2571 #define parent_ruleset          ruleset->anchor->parent->ruleset  in pf_delete_rule_by_ticket()
2572 		if (ruleset->anchor->parent == NULL) {  in pf_delete_rule_by_ticket()
2573 			ruleset = &pf_main_ruleset;  in pf_delete_rule_by_ticket()
2575 			ruleset = &parent_ruleset;  in pf_delete_rule_by_ticket()
2578 		rule = TAILQ_FIRST(ruleset->rules[i].active.ptr);  in pf_delete_rule_by_ticket()
2622 		pf_delete_rule_from_ruleset(ruleset, i,  in pf_delete_rule_by_ticket()
2624 		pf_ruleset_cleanup(ruleset, i);  in pf_delete_rule_by_ticket()
2628 	if (ruleset) {  in pf_delete_rule_by_ticket()
2629 		pf_release_ruleset(ruleset);  in pf_delete_rule_by_ticket()
2630 		ruleset = NULL;  in pf_delete_rule_by_ticket()
2642 	struct pf_ruleset       *ruleset;  in pf_delete_rule_by_owner()  local
2648 		ruleset = &pf_main_ruleset;  in pf_delete_rule_by_owner()
2660 					if (rule->anchor->ruleset.rules[rs].active.rcount > 0) {  in pf_delete_rule_by_owner()
2662 							pf_ruleset_cleanup(ruleset, rs);  in pf_delete_rule_by_owner()
2666 						ruleset =  in pf_delete_rule_by_owner()
2667 						    &rule->anchor->ruleset;  in pf_delete_rule_by_owner()
2668 						rule = TAILQ_FIRST(ruleset->rules[rs].active.ptr);  in pf_delete_rule_by_owner()
2675 						pf_delete_rule_from_ruleset(ruleset, rs, rule);  in pf_delete_rule_by_owner()
2688 					pf_delete_rule_from_ruleset(ruleset,  in pf_delete_rule_by_owner()
2696 					pf_ruleset_cleanup(ruleset, rs);  in pf_delete_rule_by_owner()
2699 				if (ruleset != &pf_main_ruleset) {  in pf_delete_rule_by_owner()
2700 					pf_deleterule_anchor_step_out(&ruleset,  in pf_delete_rule_by_owner()
2712 	struct pf_ruleset *ruleset = *ruleset_ptr;  in pf_deleterule_anchor_step_out()  local
2716 	struct pf_ruleset *rs_copy = ruleset;  in pf_deleterule_anchor_step_out()
2717 	ruleset = ruleset->anchor->parent?  in pf_deleterule_anchor_step_out()
2718 	    &ruleset->anchor->parent->ruleset:&pf_main_ruleset;  in pf_deleterule_anchor_step_out()
2720 	rule = TAILQ_FIRST(ruleset->rules[rs].active.ptr);  in pf_deleterule_anchor_step_out()
2727 	if (rule->anchor->ruleset.rules[rs].active.rcount > 0) {  in pf_deleterule_anchor_step_out()
2731 	*ruleset_ptr = ruleset;  in pf_deleterule_anchor_step_out()
2744     struct pf_ruleset *ruleset)  in pf_rule_setup()  argument
2791 	if (pf_tbladdr_setup(ruleset, &rule->src.addr)) {  in pf_rule_setup()
2794 	if (pf_tbladdr_setup(ruleset, &rule->dst.addr)) {  in pf_rule_setup()
2797 	if (pf_anchor_setup(rule, ruleset, pr->anchor_call)) {  in pf_rule_setup()
2801 	if (pf_tbladdr_setup(ruleset, &apa->addr)) {  in pf_rule_setup()
2806 		if ((rule->overload_tbl = pfr_attach_table(ruleset,  in pf_rule_setup()
2845 	struct pf_ruleset *ruleset = NULL;  in pfioctl_ioc_rule()  local
2854 		ruleset = pf_find_ruleset(pr->anchor);  in pfioctl_ioc_rule()
2855 		if (ruleset == NULL) {  in pfioctl_ioc_rule()
2868 		if (pr->ticket != ruleset->rules[rs_num].inactive.ticket) {  in pfioctl_ioc_rule()
2889 		tail = TAILQ_LAST(ruleset->rules[rs_num].inactive.ptr,  in pfioctl_ioc_rule()
2897 		if ((error = pf_rule_setup(pr, rule, ruleset))) {  in pfioctl_ioc_rule()
2901 		TAILQ_INSERT_TAIL(ruleset->rules[rs_num].inactive.ptr,  in pfioctl_ioc_rule()
2903 		ruleset->rules[rs_num].inactive.rcount++;  in pfioctl_ioc_rule()
2953 		ruleset = pf_find_ruleset(pr->anchor);  in pfioctl_ioc_rule()
2954 		if (ruleset == NULL) {  in pfioctl_ioc_rule()
2963 		tail = TAILQ_LAST(ruleset->rules[rs_num].active.ptr,  in pfioctl_ioc_rule()
2970 		pr->ticket = ruleset->rules[rs_num].active.ticket;  in pfioctl_ioc_rule()
2980 		ruleset = pf_find_ruleset(pr->anchor);  in pfioctl_ioc_rule()
2981 		if (ruleset == NULL) {  in pfioctl_ioc_rule()
2990 		if (pr->ticket != ruleset->rules[rs_num].active.ticket) {  in pfioctl_ioc_rule()
2994 		rule = TAILQ_FIRST(ruleset->rules[rs_num].active.ptr);  in pfioctl_ioc_rule()
3003 		if (pf_anchor_copyout(ruleset, rule, pr)) {  in pfioctl_ioc_rule()
3051 		ruleset = pf_find_ruleset(pcr->anchor);  in pfioctl_ioc_rule()
3052 		if (ruleset == NULL) {  in pfioctl_ioc_rule()
3063 			pcr->ticket = ++ruleset->rules[rs_num].active.ticket;  in pfioctl_ioc_rule()
3067 			    ruleset->rules[rs_num].active.ticket) {  in pfioctl_ioc_rule()
3138 			if (pf_tbladdr_setup(ruleset, &newrule->src.addr)) {  in pfioctl_ioc_rule()
3141 			if (pf_tbladdr_setup(ruleset, &newrule->dst.addr)) {  in pfioctl_ioc_rule()
3144 			if (pf_anchor_setup(newrule, ruleset, pcr->anchor_call)) {  in pfioctl_ioc_rule()
3148 			if (pf_tbladdr_setup(ruleset, &pa->addr)) {  in pfioctl_ioc_rule()
3154 					    ruleset, newrule->overload_tblname)) ==  in pfioctl_ioc_rule()
3186 				ruleset->rules[rs_num].active.ptr);  in pfioctl_ioc_rule()
3189 				ruleset->rules[rs_num].active.ptr, pf_rulequeue);  in pfioctl_ioc_rule()
3192 				ruleset->rules[rs_num].active.ptr);  in pfioctl_ioc_rule()
3206 			pf_rm_rule(ruleset->rules[rs_num].active.ptr, oldrule);  in pfioctl_ioc_rule()
3207 			ruleset->rules[rs_num].active.rcount--;  in pfioctl_ioc_rule()
3211 					ruleset->rules[rs_num].active.ptr,  in pfioctl_ioc_rule()
3218 					ruleset->rules[rs_num].active.ptr,  in pfioctl_ioc_rule()
3221 			ruleset->rules[rs_num].active.rcount++;  in pfioctl_ioc_rule()
3226 		    ruleset->rules[rs_num].active.ptr, entries)  in pfioctl_ioc_rule()
3229 		ruleset->rules[rs_num].active.ticket++;  in pfioctl_ioc_rule()
3231 		pf_calc_skip_steps(ruleset->rules[rs_num].active.ptr);  in pfioctl_ioc_rule()
3247 		if ((ruleset = pf_find_ruleset_with_owner(pr->anchor,  in pfioctl_ioc_rule()
3264 			r = TAILQ_FIRST(ruleset->rules[rs_num].active.ptr);  in pfioctl_ioc_rule()
3298 		r = TAILQ_FIRST(ruleset->rules[rs_num].active.ptr);  in pfioctl_ioc_rule()
3304 			    TAILQ_LAST(ruleset->rules[rs_num].active.ptr,  in pfioctl_ioc_rule()
3314 		if ((error = pf_rule_setup(pr, rule, ruleset))) {  in pfioctl_ioc_rule()
3329 			TAILQ_INSERT_TAIL(ruleset->rules[rs_num].active.ptr,  in pfioctl_ioc_rule()
3332 		ruleset->rules[rs_num].active.rcount++;  in pfioctl_ioc_rule()
3335 		if (ruleset == &pf_main_ruleset) {  in pfioctl_ioc_rule()
3336 			error = pf_setup_pfsync_matching(ruleset);  in pfioctl_ioc_rule()
3339 		pf_ruleset_cleanup(ruleset, rs_num);  in pfioctl_ioc_rule()
3364 		ASSERT(ruleset == NULL);  in pfioctl_ioc_rule()
3399 	if (ruleset != NULL) {  in pfioctl_ioc_rule()
3400 		pf_release_ruleset(ruleset);  in pfioctl_ioc_rule()
3401 		ruleset = NULL;  in pfioctl_ioc_rule()
3861 	struct pf_ruleset *ruleset = NULL;  in pfioctl_ioc_pooladdr()  local
3972 		ruleset = pf_find_ruleset(pca->anchor);  in pfioctl_ioc_pooladdr()
3973 		if (ruleset == NULL) {  in pfioctl_ioc_pooladdr()
4010 			    pf_tbladdr_setup(ruleset, &newpa->addr)) {  in pfioctl_ioc_pooladdr()
4066 	if (ruleset) {  in pfioctl_ioc_pooladdr()
4067 		pf_release_ruleset(ruleset);  in pfioctl_ioc_pooladdr()
4068 		ruleset = NULL;  in pfioctl_ioc_pooladdr()
4079 	struct pf_ruleset *ruleset = NULL;  in pfioctl_ioc_ruleset()  local
4087 		if ((ruleset = pf_find_ruleset(pr->path)) == NULL) {  in pfioctl_ioc_ruleset()
4092 		if (ruleset->anchor == NULL) {  in pfioctl_ioc_ruleset()
4100 			    &ruleset->anchor->children)  in pfioctl_ioc_ruleset()
4111 		if ((ruleset = pf_find_ruleset(pr->path)) == NULL) {  in pfioctl_ioc_ruleset()
4116 		if (ruleset->anchor == NULL) {  in pfioctl_ioc_ruleset()
4126 			    &ruleset->anchor->children)  in pfioctl_ioc_ruleset()
4144 	if (ruleset) {  in pfioctl_ioc_ruleset()
4145 		pf_release_ruleset(ruleset);  in pfioctl_ioc_ruleset()
4146 		ruleset = NULL;  in pfioctl_ioc_ruleset()