691 	struct pf_ruleset       *__single ruleset;  in pf_get_pool()  local
696 	ruleset = pf_find_ruleset(anchor);  in pf_get_pool()
697 	if (ruleset == NULL) {  in pf_get_pool()
706 		    ruleset->rules[rs_num].active.ticket) {  in pf_get_pool()
710 			rule = TAILQ_LAST(ruleset->rules[rs_num].active.ptr,  in pf_get_pool()
713 			rule = TAILQ_FIRST(ruleset->rules[rs_num].active.ptr);  in pf_get_pool()
717 		    ruleset->rules[rs_num].inactive.ticket) {  in pf_get_pool()
721 			rule = TAILQ_LAST(ruleset->rules[rs_num].inactive.ptr,  in pf_get_pool()
724 			rule = TAILQ_FIRST(ruleset->rules[rs_num].inactive.ptr);  in pf_get_pool()
739 	if (ruleset) {  in pf_get_pool()
740 		pf_release_ruleset(ruleset);  in pf_get_pool()
741 		ruleset = NULL;  in pf_get_pool()
1823 		struct pf_ruleset       *ruleset = &pf_main_ruleset;  in pfioctl()  local
1827 		    ruleset->rules[PF_RULESET_FILTER].active.ptr, entries) {  in pfioctl()
2509 pf_delete_rule_from_ruleset(struct pf_ruleset *ruleset, int rs_num,  in pf_delete_rule_from_ruleset()  argument
2517 	pf_rm_rule(ruleset->rules[rs_num].active.ptr, rule);  in pf_delete_rule_from_ruleset()
2518 	if (ruleset->rules[rs_num].active.rcount-- == 0) {  in pf_delete_rule_from_ruleset()
2521 	r = TAILQ_FIRST(ruleset->rules[rs_num].active.ptr);  in pf_delete_rule_from_ruleset()
2531 pf_ruleset_cleanup(struct pf_ruleset *ruleset, int rs)  in pf_ruleset_cleanup()  argument
2533 	pf_calc_skip_steps(ruleset->rules[rs].active.ptr);  in pf_ruleset_cleanup()
2534 	ruleset->rules[rs].active.ticket =  in pf_ruleset_cleanup()
2535 	    ++ruleset->rules[rs].inactive.ticket;  in pf_ruleset_cleanup()
2545 	struct pf_ruleset       *ruleset;  in pf_delete_rule_by_ticket()  local
2552 	if ((ruleset = pf_find_ruleset_with_owner(__unsafe_null_terminated_from_indexable(pr->anchor),  in pf_delete_rule_by_ticket()
2558 		rule = TAILQ_FIRST(ruleset->rules[i].active.ptr);  in pf_delete_rule_by_ticket()
2576 	if (rule->anchor && (ruleset != &pf_main_ruleset) &&  in pf_delete_rule_by_ticket()
2577 	    ((strbufcmp(ruleset->anchor->owner, "")) == 0) &&  in pf_delete_rule_by_ticket()
2578 	    ((ruleset->rules[i].active.rcount - 1) == 0)) {  in pf_delete_rule_by_ticket()
2581 		struct pf_ruleset *delete_ruleset = ruleset;  in pf_delete_rule_by_ticket()
2583 #define parent_ruleset          ruleset->anchor->parent->ruleset  in pf_delete_rule_by_ticket()
2584 		if (ruleset->anchor->parent == NULL) {  in pf_delete_rule_by_ticket()
2585 			ruleset = &pf_main_ruleset;  in pf_delete_rule_by_ticket()
2587 			ruleset = &parent_ruleset;  in pf_delete_rule_by_ticket()
2590 		rule = TAILQ_FIRST(ruleset->rules[i].active.ptr);  in pf_delete_rule_by_ticket()
2634 		pf_delete_rule_from_ruleset(ruleset, i,  in pf_delete_rule_by_ticket()
2636 		pf_ruleset_cleanup(ruleset, i);  in pf_delete_rule_by_ticket()
2640 	if (ruleset) {  in pf_delete_rule_by_ticket()
2641 		pf_release_ruleset(ruleset);  in pf_delete_rule_by_ticket()
2642 		ruleset = NULL;  in pf_delete_rule_by_ticket()
2654 	struct pf_ruleset       *__single ruleset;  in pf_delete_rule_by_owner()  local
2660 		ruleset = &pf_main_ruleset;  in pf_delete_rule_by_owner()
2672 					if (rule->anchor->ruleset.rules[rs].active.rcount > 0) {  in pf_delete_rule_by_owner()
2674 							pf_ruleset_cleanup(ruleset, rs);  in pf_delete_rule_by_owner()
2678 						ruleset =  in pf_delete_rule_by_owner()
2679 						    &rule->anchor->ruleset;  in pf_delete_rule_by_owner()
2680 						rule = TAILQ_FIRST(ruleset->rules[rs].active.ptr);  in pf_delete_rule_by_owner()
2687 						pf_delete_rule_from_ruleset(ruleset, rs, rule);  in pf_delete_rule_by_owner()
2700 					pf_delete_rule_from_ruleset(ruleset,  in pf_delete_rule_by_owner()
2708 					pf_ruleset_cleanup(ruleset, rs);  in pf_delete_rule_by_owner()
2711 				if (ruleset != &pf_main_ruleset) {  in pf_delete_rule_by_owner()
2712 					pf_deleterule_anchor_step_out(&ruleset,  in pf_delete_rule_by_owner()
2724 	struct pf_ruleset *ruleset = *ruleset_ptr;  in pf_deleterule_anchor_step_out()  local
2728 	struct pf_ruleset *rs_copy = ruleset;  in pf_deleterule_anchor_step_out()
2729 	ruleset = ruleset->anchor->parent?  in pf_deleterule_anchor_step_out()
2730 	    &ruleset->anchor->parent->ruleset:&pf_main_ruleset;  in pf_deleterule_anchor_step_out()
2732 	rule = TAILQ_FIRST(ruleset->rules[rs].active.ptr);  in pf_deleterule_anchor_step_out()
2739 	if (rule->anchor->ruleset.rules[rs].active.rcount > 0) {  in pf_deleterule_anchor_step_out()
2743 	*ruleset_ptr = ruleset;  in pf_deleterule_anchor_step_out()
2756     struct pf_ruleset *ruleset)  in pf_rule_setup()  argument
2803 	if (pf_tbladdr_setup(ruleset, &rule->src.addr)) {  in pf_rule_setup()
2806 	if (pf_tbladdr_setup(ruleset, &rule->dst.addr)) {  in pf_rule_setup()
2809 	if (pf_anchor_setup(rule, ruleset, pr->anchor_call, sizeof(pr->anchor_call))) {  in pf_rule_setup()
2813 	if (pf_tbladdr_setup(ruleset, &apa->addr)) {  in pf_rule_setup()
2818 		if ((rule->overload_tbl = pfr_attach_table(ruleset,  in pf_rule_setup()
2857 	struct pf_ruleset *__single ruleset = NULL;  in pfioctl_ioc_rule()  local
2866 		ruleset = pf_find_ruleset(__unsafe_null_terminated_from_indexable(pr->anchor));  in pfioctl_ioc_rule()
2867 		if (ruleset == NULL) {  in pfioctl_ioc_rule()
2880 		if (pr->ticket != ruleset->rules[rs_num].inactive.ticket) {  in pfioctl_ioc_rule()
2901 		tail = TAILQ_LAST(ruleset->rules[rs_num].inactive.ptr,  in pfioctl_ioc_rule()
2909 		if ((error = pf_rule_setup(pr, rule, ruleset))) {  in pfioctl_ioc_rule()
2912 		TAILQ_INSERT_TAIL(ruleset->rules[rs_num].inactive.ptr,  in pfioctl_ioc_rule()
2914 		ruleset->rules[rs_num].inactive.rcount++;  in pfioctl_ioc_rule()
2963 		ruleset = pf_find_ruleset(__unsafe_null_terminated_from_indexable(pr->anchor));  in pfioctl_ioc_rule()
2964 		if (ruleset == NULL) {  in pfioctl_ioc_rule()
2973 		tail = TAILQ_LAST(ruleset->rules[rs_num].active.ptr,  in pfioctl_ioc_rule()
2980 		pr->ticket = ruleset->rules[rs_num].active.ticket;  in pfioctl_ioc_rule()
2990 		ruleset = pf_find_ruleset(__unsafe_null_terminated_from_indexable(pr->anchor));  in pfioctl_ioc_rule()
2991 		if (ruleset == NULL) {  in pfioctl_ioc_rule()
3000 		if (pr->ticket != ruleset->rules[rs_num].active.ticket) {  in pfioctl_ioc_rule()
3004 		rule = TAILQ_FIRST(ruleset->rules[rs_num].active.ptr);  in pfioctl_ioc_rule()
3013 		if (pf_anchor_copyout(ruleset, rule, pr)) {  in pfioctl_ioc_rule()
3061 		ruleset = pf_find_ruleset(__unsafe_null_terminated_from_indexable(pcr->anchor));  in pfioctl_ioc_rule()
3062 		if (ruleset == NULL) {  in pfioctl_ioc_rule()
3073 			pcr->ticket = ++ruleset->rules[rs_num].active.ticket;  in pfioctl_ioc_rule()
3077 			    ruleset->rules[rs_num].active.ticket) {  in pfioctl_ioc_rule()
3148 			if (pf_tbladdr_setup(ruleset, &newrule->src.addr)) {  in pfioctl_ioc_rule()
3151 			if (pf_tbladdr_setup(ruleset, &newrule->dst.addr)) {  in pfioctl_ioc_rule()
3154 			if (pf_anchor_setup(newrule, ruleset, pcr->anchor_call, sizeof(pcr->anchor_call))) {  in pfioctl_ioc_rule()
3158 			if (pf_tbladdr_setup(ruleset, &pa->addr)) {  in pfioctl_ioc_rule()
3164 					    ruleset, __unsafe_null_terminated_from_indexable(newrule->overload_tblname))) ==  in pfioctl_ioc_rule()
3196 				ruleset->rules[rs_num].active.ptr);  in pfioctl_ioc_rule()
3199 				ruleset->rules[rs_num].active.ptr, pf_rulequeue);  in pfioctl_ioc_rule()
3202 				ruleset->rules[rs_num].active.ptr);  in pfioctl_ioc_rule()
3216 			pf_rm_rule(ruleset->rules[rs_num].active.ptr, oldrule);  in pfioctl_ioc_rule()
3217 			ruleset->rules[rs_num].active.rcount--;  in pfioctl_ioc_rule()
3221 					ruleset->rules[rs_num].active.ptr,  in pfioctl_ioc_rule()
3228 					ruleset->rules[rs_num].active.ptr,  in pfioctl_ioc_rule()
3231 			ruleset->rules[rs_num].active.rcount++;  in pfioctl_ioc_rule()
3236 		    ruleset->rules[rs_num].active.ptr, entries)  in pfioctl_ioc_rule()
3239 		ruleset->rules[rs_num].active.ticket++;  in pfioctl_ioc_rule()
3241 		pf_calc_skip_steps(ruleset->rules[rs_num].active.ptr);  in pfioctl_ioc_rule()
3257 		if ((ruleset = pf_find_ruleset_with_owner(__unsafe_null_terminated_from_indexable(pr->anchor),  in pfioctl_ioc_rule()
3274 			r = TAILQ_FIRST(ruleset->rules[rs_num].active.ptr);  in pfioctl_ioc_rule()
3308 		r = TAILQ_FIRST(ruleset->rules[rs_num].active.ptr);  in pfioctl_ioc_rule()
3314 			    TAILQ_LAST(ruleset->rules[rs_num].active.ptr,  in pfioctl_ioc_rule()
3324 		if ((error = pf_rule_setup(pr, rule, ruleset))) {  in pfioctl_ioc_rule()
3338 			TAILQ_INSERT_TAIL(ruleset->rules[rs_num].active.ptr,  in pfioctl_ioc_rule()
3341 		ruleset->rules[rs_num].active.rcount++;  in pfioctl_ioc_rule()
3344 		if (ruleset == &pf_main_ruleset) {  in pfioctl_ioc_rule()
3345 			error = pf_setup_pfsync_matching(ruleset);  in pfioctl_ioc_rule()
3348 		pf_ruleset_cleanup(ruleset, rs_num);  in pfioctl_ioc_rule()
3373 		ASSERT(ruleset == NULL);  in pfioctl_ioc_rule()
3408 	if (ruleset != NULL) {  in pfioctl_ioc_rule()
3409 		pf_release_ruleset(ruleset);  in pfioctl_ioc_rule()
3410 		ruleset = NULL;  in pfioctl_ioc_rule()
3870 	struct pf_ruleset *__single ruleset = NULL;  in pfioctl_ioc_pooladdr()  local
3981 		ruleset = pf_find_ruleset(__unsafe_null_terminated_from_indexable(pca->anchor));  in pfioctl_ioc_pooladdr()
3982 		if (ruleset == NULL) {  in pfioctl_ioc_pooladdr()
4019 			    pf_tbladdr_setup(ruleset, &newpa->addr)) {  in pfioctl_ioc_pooladdr()
4075 	if (ruleset) {  in pfioctl_ioc_pooladdr()
4076 		pf_release_ruleset(ruleset);  in pfioctl_ioc_pooladdr()
4077 		ruleset = NULL;  in pfioctl_ioc_pooladdr()
4088 	struct pf_ruleset *ruleset = NULL;  in pfioctl_ioc_ruleset()  local
4096 		if ((ruleset = pf_find_ruleset(__unsafe_null_terminated_from_indexable(pr->path))) == NULL) {  in pfioctl_ioc_ruleset()
4101 		if (ruleset->anchor == NULL) {  in pfioctl_ioc_ruleset()
4109 			    &ruleset->anchor->children)  in pfioctl_ioc_ruleset()
4120 		if ((ruleset = pf_find_ruleset(__unsafe_null_terminated_from_indexable(pr->path))) == NULL) {  in pfioctl_ioc_ruleset()
4125 		if (ruleset->anchor == NULL) {  in pfioctl_ioc_ruleset()
4134 			    &ruleset->anchor->children)  in pfioctl_ioc_ruleset()
4151 	if (ruleset) {  in pfioctl_ioc_ruleset()
4152 		pf_release_ruleset(ruleset);  in pfioctl_ioc_ruleset()
4153 		ruleset = NULL;  in pfioctl_ioc_ruleset()