2949 		struct pf_rule          *oldrule = NULL, *newrule = NULL;  in pfioctl_ioc_rule()  local
2995 			newrule = pool_get(&pf_rule_pl, PR_WAITOK);  in pfioctl_ioc_rule()
2996 			if (newrule == NULL) {  in pfioctl_ioc_rule()
3000 			pf_rule_copyin(&pcr->rule, newrule, p, minordev);  in pfioctl_ioc_rule()
3002 			if (newrule->af == AF_INET) {  in pfioctl_ioc_rule()
3003 				pool_put(&pf_rule_pl, newrule);  in pfioctl_ioc_rule()
3008 			if (newrule->ifname[0]) {  in pfioctl_ioc_rule()
3009 				newrule->kif = pfi_kif_get(newrule->ifname);  in pfioctl_ioc_rule()
3010 				if (newrule->kif == NULL) {  in pfioctl_ioc_rule()
3011 					pool_put(&pf_rule_pl, newrule);  in pfioctl_ioc_rule()
3015 				pfi_kif_ref(newrule->kif, PFI_KIF_REF_RULE);  in pfioctl_ioc_rule()
3017 				newrule->kif = NULL;  in pfioctl_ioc_rule()
3020 			if (newrule->tagname[0]) {  in pfioctl_ioc_rule()
3021 				if ((newrule->tag =  in pfioctl_ioc_rule()
3022 				    pf_tagname2tag(newrule->tagname)) == 0) {  in pfioctl_ioc_rule()
3026 			if (newrule->match_tagname[0]) {  in pfioctl_ioc_rule()
3027 				if ((newrule->match_tag = pf_tagname2tag(  in pfioctl_ioc_rule()
3028 					    newrule->match_tagname)) == 0) {  in pfioctl_ioc_rule()
3032 			if (newrule->rt && !newrule->direction) {  in pfioctl_ioc_rule()
3036 			if (!newrule->log) {  in pfioctl_ioc_rule()
3037 				newrule->logif = 0;  in pfioctl_ioc_rule()
3039 			if (newrule->logif >= PFLOGIFS_MAX) {  in pfioctl_ioc_rule()
3043 			pf_addrwrap_setup(&newrule->src.addr);  in pfioctl_ioc_rule()
3044 			pf_addrwrap_setup(&newrule->dst.addr);  in pfioctl_ioc_rule()
3045 			if (pf_rtlabel_add(&newrule->src.addr) ||  in pfioctl_ioc_rule()
3046 			    pf_rtlabel_add(&newrule->dst.addr)) {  in pfioctl_ioc_rule()
3049 			if (pfi_dynaddr_setup(&newrule->src.addr, newrule->af)) {  in pfioctl_ioc_rule()
3052 			if (pfi_dynaddr_setup(&newrule->dst.addr, newrule->af)) {  in pfioctl_ioc_rule()
3055 			if (pf_tbladdr_setup(ruleset, &newrule->src.addr)) {  in pfioctl_ioc_rule()
3058 			if (pf_tbladdr_setup(ruleset, &newrule->dst.addr)) {  in pfioctl_ioc_rule()
3061 			if (pf_anchor_setup(newrule, ruleset, pcr->anchor_call)) {  in pfioctl_ioc_rule()
3069 			if (newrule->overload_tblname[0]) {  in pfioctl_ioc_rule()
3070 				if ((newrule->overload_tbl = pfr_attach_table(  in pfioctl_ioc_rule()
3071 					    ruleset, newrule->overload_tblname)) ==  in pfioctl_ioc_rule()
3075 					newrule->overload_tbl->pfrkt_flags |=  in pfioctl_ioc_rule()
3080 			pf_mv_pool(&pf_pabuf, &newrule->rpool.list);  in pfioctl_ioc_rule()
3081 			if (((((newrule->action == PF_NAT) ||  in pfioctl_ioc_rule()
3082 			    (newrule->action == PF_RDR) ||  in pfioctl_ioc_rule()
3083 			    (newrule->action == PF_BINAT) ||  in pfioctl_ioc_rule()
3084 			    (newrule->rt > PF_FASTROUTE)) &&  in pfioctl_ioc_rule()
3085 			    !newrule->anchor)) &&  in pfioctl_ioc_rule()
3086 			    (TAILQ_FIRST(&newrule->rpool.list) == NULL)) {  in pfioctl_ioc_rule()
3091 				pf_rm_rule(NULL, newrule);  in pfioctl_ioc_rule()
3094 			newrule->rpool.cur = TAILQ_FIRST(&newrule->rpool.list);  in pfioctl_ioc_rule()
3095 			newrule->evaluations = 0;  in pfioctl_ioc_rule()
3096 			newrule->packets[0] = newrule->packets[1] = 0;  in pfioctl_ioc_rule()
3097 			newrule->bytes[0] = newrule->bytes[1] = 0;  in pfioctl_ioc_rule()
3114 				if (newrule != NULL) {  in pfioctl_ioc_rule()
3115 					pf_rm_rule(NULL, newrule);  in pfioctl_ioc_rule()
3129 					newrule, entries);  in pfioctl_ioc_rule()
3132 				TAILQ_INSERT_BEFORE(oldrule, newrule, entries);  in pfioctl_ioc_rule()
3136 					oldrule, newrule, entries);  in pfioctl_ioc_rule()