412 	    (((*state)->rule.ptr->rt == PF_ROUTETO &&  in pf_state_lookup_aux()
413 	    (*state)->rule.ptr->direction == PF_OUT) ||  in pf_state_lookup_aux()
414 	    ((*state)->rule.ptr->rt == PF_REPLYTO &&  in pf_state_lookup_aux()
415 	    (*state)->rule.ptr->direction == PF_IN)) &&  in pf_state_lookup_aux()
479 	        s->rule.ptr->states++;                          \
480 	        VERIFY(s->rule.ptr->states != 0);               \
501 	        VERIFY(s->rule.ptr->states > 0);                \
502 	        s->rule.ptr->states--;                          \
804 	if (a->rule.ptr > b->rule.ptr) {  in pf_src_compare()
807 	if (a->rule.ptr < b->rule.ptr) {  in pf_src_compare()
1261 	if ((*state)->rule.ptr->max_src_conn &&  in pf_src_connlimit()
1262 	    (*state)->rule.ptr->max_src_conn <  in pf_src_connlimit()
1268 	if ((*state)->rule.ptr->max_src_conn_rate.limit &&  in pf_src_connlimit()
1278 	if ((*state)->rule.ptr->overload_tbl) {  in pf_src_connlimit()
1304 		pfr_insert_kentry((*state)->rule.ptr->overload_tbl,  in pf_src_connlimit()
1308 		if ((*state)->rule.ptr->flush) {  in pf_src_connlimit()
1329 				    ((*state)->rule.ptr->flush &  in pf_src_connlimit()
1331 				    (*state)->rule.ptr == st->rule.ptr)) {  in pf_src_connlimit()
1354 pf_insert_src_node(struct pf_src_node **sn, struct pf_rule *rule,  in pf_insert_src_node()  argument
1362 		if (rule->rule_flag & PFRULE_RULESRCTRACK ||  in pf_insert_src_node()
1363 		    rule->rpool.opts & PF_POOL_STICKYADDR) {  in pf_insert_src_node()
1364 			k.rule.ptr = rule;  in pf_insert_src_node()
1366 			k.rule.ptr = NULL;  in pf_insert_src_node()
1372 		if (!rule->max_src_nodes ||  in pf_insert_src_node()
1373 		    rule->src_nodes < rule->max_src_nodes) {  in pf_insert_src_node()
1384 		    rule->max_src_conn_rate.limit,  in pf_insert_src_node()
1385 		    rule->max_src_conn_rate.seconds);  in pf_insert_src_node()
1388 		if (rule->rule_flag & PFRULE_RULESRCTRACK ||  in pf_insert_src_node()
1389 		    rule->rpool.opts & PF_POOL_STICKYADDR) {  in pf_insert_src_node()
1390 			(*sn)->rule.ptr = rule;  in pf_insert_src_node()
1392 			(*sn)->rule.ptr = NULL;  in pf_insert_src_node()
1407 		(*sn)->ruletype = rule->action;  in pf_insert_src_node()
1408 		if ((*sn)->rule.ptr != NULL) {  in pf_insert_src_node()
1409 			(*sn)->rule.ptr->src_nodes++;  in pf_insert_src_node()
1414 		if (rule->max_src_states &&  in pf_insert_src_node()
1415 		    (*sn)->states >= rule->max_src_states) {  in pf_insert_src_node()
1646 	t = state->rule.ptr->timeout[state->timeout];  in pf_state_expires()
1650 	start = state->rule.ptr->timeout[PFTM_ADAPTIVE_START];  in pf_state_expires()
1652 		end = state->rule.ptr->timeout[PFTM_ADAPTIVE_END];  in pf_state_expires()
1653 		states = state->rule.ptr->states;  in pf_state_expires()
1681 			if (cur->rule.ptr != NULL) {  in pf_purge_expired_src_nodes()
1682 				cur->rule.ptr->src_nodes--;  in pf_purge_expired_src_nodes()
1683 				if (cur->rule.ptr->states <= 0 &&  in pf_purge_expired_src_nodes()
1684 				    cur->rule.ptr->max_src_nodes <= 0) {  in pf_purge_expired_src_nodes()
1685 					pf_rm_rule(NULL, cur->rule.ptr);  in pf_purge_expired_src_nodes()
1710 			t = s->rule.ptr->timeout[PFTM_SRC_NODE];  in pf_src_tree_remove_state()
1720 			t = s->rule.ptr->timeout[PFTM_SRC_NODE];  in pf_src_tree_remove_state()
1736 		pf_send_tcp(cur->rule.ptr, cur->state_key->af_lan,  in pf_unlink_state()
1770 	VERIFY(cur->rule.ptr->states > 0);  in pf_free_state()
1771 	if (--cur->rule.ptr->states <= 0 &&  in pf_free_state()
1772 	    cur->rule.ptr->src_nodes <= 0) {  in pf_free_state()
1773 		pf_rm_rule(NULL, cur->rule.ptr);  in pf_free_state()
3328 			k.rule.ptr = r;  in pf_map_addr()
3330 			k.rule.ptr = NULL;  in pf_map_addr()
4387 	struct pf_rule *r = s->rule.ptr;  in pf_set_rt_ifp()
5868 		s->rule.ptr = r;  in pf_test_rule()
6924 		if (pf_insert_state(BOUND_IFACE(s->rule.ptr, kif), gs)) {  in pf_pptp_handler()
7084 			pf_send_tcp((*state)->rule.ptr, pd->af, pd->dst,  in pf_test_state_tcp()
7125 			pf_send_tcp((*state)->rule.ptr, pd->af, &psrc->addr,  in pf_test_state_tcp()
7139 			pf_send_tcp((*state)->rule.ptr, pd->af, pd->dst,  in pf_test_state_tcp()
7144 			pf_send_tcp((*state)->rule.ptr, pd->af, &psrc->addr,  in pf_test_state_tcp()
7509 				pf_send_tcp((*state)->rule.ptr, pd->af,  in pf_test_state_tcp()
7513 				    (*state)->rule.ptr->return_ttl, 1, 0,  in pf_test_state_tcp()
9896 			r = s->rule.ptr;  in pf_test()
9947 			r = s->rule.ptr;  in pf_test()
9988 			r = s->rule.ptr;  in pf_test()
10024 			r = s->rule.ptr;  in pf_test()
10068 				r = s->rule.ptr;  in pf_test()
10103 			r = s->rule.ptr;  in pf_test()
10553 			r = s->rule.ptr;  in pf_test6()
10604 			r = s->rule.ptr;  in pf_test6()
10644 			r = s->rule.ptr;  in pf_test6()
10680 			r = s->rule.ptr;  in pf_test6()
10724 				r = s->rule.ptr;  in pf_test6()
10759 			r = s->rule.ptr;  in pf_test6()
11168 	struct pf_rule *rule = NULL;  in pf_check_compatible_rules()  local
11185 		TAILQ_FOREACH(rule, pf_main_ruleset.rules[i].active.ptr, entries) {  in pf_check_compatible_rules()
11186 			if (rule->anchor == NULL) {  in pf_check_compatible_rules()