2981 		struct pf_rule          *oldrule = NULL, *newrule = NULL;  in pfioctl_ioc_rule()  local
3027 			newrule = pool_get(&pf_rule_pl, PR_WAITOK);  in pfioctl_ioc_rule()
3028 			if (newrule == NULL) {  in pfioctl_ioc_rule()
3032 			pf_rule_copyin(&pcr->rule, newrule, p, minordev);  in pfioctl_ioc_rule()
3034 			if (newrule->af == AF_INET) {  in pfioctl_ioc_rule()
3035 				pool_put(&pf_rule_pl, newrule);  in pfioctl_ioc_rule()
3040 			if (newrule->ifname[0]) {  in pfioctl_ioc_rule()
3041 				newrule->kif = pfi_kif_get(newrule->ifname);  in pfioctl_ioc_rule()
3042 				if (newrule->kif == NULL) {  in pfioctl_ioc_rule()
3043 					pool_put(&pf_rule_pl, newrule);  in pfioctl_ioc_rule()
3047 				pfi_kif_ref(newrule->kif, PFI_KIF_REF_RULE);  in pfioctl_ioc_rule()
3049 				newrule->kif = NULL;  in pfioctl_ioc_rule()
3052 			if (newrule->tagname[0]) {  in pfioctl_ioc_rule()
3053 				if ((newrule->tag =  in pfioctl_ioc_rule()
3054 				    pf_tagname2tag(newrule->tagname)) == 0) {  in pfioctl_ioc_rule()
3058 			if (newrule->match_tagname[0]) {  in pfioctl_ioc_rule()
3059 				if ((newrule->match_tag = pf_tagname2tag(  in pfioctl_ioc_rule()
3060 					    newrule->match_tagname)) == 0) {  in pfioctl_ioc_rule()
3064 			if (newrule->rt && !newrule->direction) {  in pfioctl_ioc_rule()
3068 			if (!newrule->log) {  in pfioctl_ioc_rule()
3069 				newrule->logif = 0;  in pfioctl_ioc_rule()
3071 			if (newrule->logif >= PFLOGIFS_MAX) {  in pfioctl_ioc_rule()
3075 			pf_addrwrap_setup(&newrule->src.addr);  in pfioctl_ioc_rule()
3076 			pf_addrwrap_setup(&newrule->dst.addr);  in pfioctl_ioc_rule()
3077 			if (pf_rtlabel_add(&newrule->src.addr) ||  in pfioctl_ioc_rule()
3078 			    pf_rtlabel_add(&newrule->dst.addr)) {  in pfioctl_ioc_rule()
3081 			if (pfi_dynaddr_setup(&newrule->src.addr, newrule->af)) {  in pfioctl_ioc_rule()
3084 			if (pfi_dynaddr_setup(&newrule->dst.addr, newrule->af)) {  in pfioctl_ioc_rule()
3087 			if (pf_tbladdr_setup(ruleset, &newrule->src.addr)) {  in pfioctl_ioc_rule()
3090 			if (pf_tbladdr_setup(ruleset, &newrule->dst.addr)) {  in pfioctl_ioc_rule()
3093 			if (pf_anchor_setup(newrule, ruleset, pcr->anchor_call)) {  in pfioctl_ioc_rule()
3101 			if (newrule->overload_tblname[0]) {  in pfioctl_ioc_rule()
3102 				if ((newrule->overload_tbl = pfr_attach_table(  in pfioctl_ioc_rule()
3103 					    ruleset, newrule->overload_tblname)) ==  in pfioctl_ioc_rule()
3107 					newrule->overload_tbl->pfrkt_flags |=  in pfioctl_ioc_rule()
3112 			pf_mv_pool(&pf_pabuf, &newrule->rpool.list);  in pfioctl_ioc_rule()
3113 			if (((((newrule->action == PF_NAT) ||  in pfioctl_ioc_rule()
3114 			    (newrule->action == PF_RDR) ||  in pfioctl_ioc_rule()
3115 			    (newrule->action == PF_BINAT) ||  in pfioctl_ioc_rule()
3116 			    (newrule->rt > PF_FASTROUTE)) &&  in pfioctl_ioc_rule()
3117 			    !newrule->anchor)) &&  in pfioctl_ioc_rule()
3118 			    (TAILQ_FIRST(&newrule->rpool.list) == NULL)) {  in pfioctl_ioc_rule()
3123 				pf_rm_rule(NULL, newrule);  in pfioctl_ioc_rule()
3126 			newrule->rpool.cur = TAILQ_FIRST(&newrule->rpool.list);  in pfioctl_ioc_rule()
3127 			newrule->evaluations = 0;  in pfioctl_ioc_rule()
3128 			newrule->packets[0] = newrule->packets[1] = 0;  in pfioctl_ioc_rule()
3129 			newrule->bytes[0] = newrule->bytes[1] = 0;  in pfioctl_ioc_rule()
3146 				if (newrule != NULL) {  in pfioctl_ioc_rule()
3147 					pf_rm_rule(NULL, newrule);  in pfioctl_ioc_rule()
3161 					newrule, entries);  in pfioctl_ioc_rule()
3164 				TAILQ_INSERT_BEFORE(oldrule, newrule, entries);  in pfioctl_ioc_rule()
3168 					oldrule, newrule, entries);  in pfioctl_ioc_rule()