639 struct pf_rule *rule; in pf_get_pool() local
657 rule = TAILQ_LAST(ruleset->rules[rs_num].active.ptr, in pf_get_pool()
660 rule = TAILQ_FIRST(ruleset->rules[rs_num].active.ptr); in pf_get_pool()
668 rule = TAILQ_LAST(ruleset->rules[rs_num].inactive.ptr, in pf_get_pool()
671 rule = TAILQ_FIRST(ruleset->rules[rs_num].inactive.ptr); in pf_get_pool()
675 while ((rule != NULL) && (rule->nr != rule_number)) { in pf_get_pool()
676 rule = TAILQ_NEXT(rule, entries); in pf_get_pool()
679 if (rule == NULL) { in pf_get_pool()
683 p = &rule->rpool; in pf_get_pool()
720 pf_rm_rule(struct pf_rulequeue *rulequeue, struct pf_rule *rule) in pf_rm_rule() argument
723 if (rule->states <= 0) { in pf_rm_rule()
729 pf_tbladdr_remove(&rule->src.addr); in pf_rm_rule()
730 pf_tbladdr_remove(&rule->dst.addr); in pf_rm_rule()
731 if (rule->overload_tbl) { in pf_rm_rule()
732 pfr_detach_table(rule->overload_tbl); in pf_rm_rule()
735 TAILQ_REMOVE(rulequeue, rule, entries); in pf_rm_rule()
736 rule->entries.tqe_prev = NULL; in pf_rm_rule()
737 rule->nr = -1; in pf_rm_rule()
740 if (rule->states > 0 || rule->src_nodes > 0 || in pf_rm_rule()
741 rule->entries.tqe_prev != NULL) { in pf_rm_rule()
744 pf_tag_unref(rule->tag); in pf_rm_rule()
745 pf_tag_unref(rule->match_tag); in pf_rm_rule()
746 pf_rtlabel_remove(&rule->src.addr); in pf_rm_rule()
747 pf_rtlabel_remove(&rule->dst.addr); in pf_rm_rule()
748 pfi_dynaddr_remove(&rule->src.addr); in pf_rm_rule()
749 pfi_dynaddr_remove(&rule->dst.addr); in pf_rm_rule()
751 pf_tbladdr_remove(&rule->src.addr); in pf_rm_rule()
752 pf_tbladdr_remove(&rule->dst.addr); in pf_rm_rule()
753 if (rule->overload_tbl) { in pf_rm_rule()
754 pfr_detach_table(rule->overload_tbl); in pf_rm_rule()
757 pfi_kif_unref(rule->kif, PFI_KIF_REF_RULE); in pf_rm_rule()
758 pf_anchor_remove(rule); in pf_rm_rule()
759 pf_empty_pool(&rule->rpool.list); in pf_rm_rule()
760 pool_put(&pf_rule_pl, rule); in pf_rm_rule()
915 struct pf_rule *rule; in pf_begin_rules() local
924 while ((rule = TAILQ_FIRST(rs->rules[rs_num].inactive.ptr)) != NULL) { in pf_begin_rules()
925 pf_rm_rule(rs->rules[rs_num].inactive.ptr, rule); in pf_begin_rules()
939 struct pf_rule *rule; in pf_rollback_rules() local
951 while ((rule = TAILQ_FIRST(rs->rules[rs_num].inactive.ptr)) != NULL) { in pf_rollback_rules()
952 pf_rm_rule(rs->rules[rs_num].inactive.ptr, rule); in pf_rollback_rules()
1019 pf_hash_rule(MD5_CTX *ctx, struct pf_rule *rule) in pf_hash_rule() argument
1024 pf_hash_rule_addr(ctx, &rule->src, rule->proto); in pf_hash_rule()
1025 pf_hash_rule_addr(ctx, &rule->dst, rule->proto); in pf_hash_rule()
1026 PF_MD5_UPD_STR(rule, label); in pf_hash_rule()
1027 PF_MD5_UPD_STR(rule, ifname); in pf_hash_rule()
1028 PF_MD5_UPD_STR(rule, match_tagname); in pf_hash_rule()
1029 PF_MD5_UPD_HTONS(rule, match_tag, x); /* dup? */ in pf_hash_rule()
1030 PF_MD5_UPD_HTONL(rule, os_fingerprint, y); in pf_hash_rule()
1031 PF_MD5_UPD_HTONL(rule, prob, y); in pf_hash_rule()
1032 PF_MD5_UPD_HTONL(rule, uid.uid[0], y); in pf_hash_rule()
1033 PF_MD5_UPD_HTONL(rule, uid.uid[1], y); in pf_hash_rule()
1034 PF_MD5_UPD(rule, uid.op); in pf_hash_rule()
1035 PF_MD5_UPD_HTONL(rule, gid.gid[0], y); in pf_hash_rule()
1036 PF_MD5_UPD_HTONL(rule, gid.gid[1], y); in pf_hash_rule()
1037 PF_MD5_UPD(rule, gid.op); in pf_hash_rule()
1038 PF_MD5_UPD_HTONL(rule, rule_flag, y); in pf_hash_rule()
1039 PF_MD5_UPD(rule, action); in pf_hash_rule()
1040 PF_MD5_UPD(rule, direction); in pf_hash_rule()
1041 PF_MD5_UPD(rule, af); in pf_hash_rule()
1042 PF_MD5_UPD(rule, quick); in pf_hash_rule()
1043 PF_MD5_UPD(rule, ifnot); in pf_hash_rule()
1044 PF_MD5_UPD(rule, match_tag_not); in pf_hash_rule()
1045 PF_MD5_UPD(rule, natpass); in pf_hash_rule()
1046 PF_MD5_UPD(rule, keep_state); in pf_hash_rule()
1047 PF_MD5_UPD(rule, proto); in pf_hash_rule()
1048 PF_MD5_UPD(rule, type); in pf_hash_rule()
1049 PF_MD5_UPD(rule, code); in pf_hash_rule()
1050 PF_MD5_UPD(rule, flags); in pf_hash_rule()
1051 PF_MD5_UPD(rule, flagset); in pf_hash_rule()
1052 PF_MD5_UPD(rule, allow_opts); in pf_hash_rule()
1053 PF_MD5_UPD(rule, rt); in pf_hash_rule()
1054 PF_MD5_UPD(rule, tos); in pf_hash_rule()
1061 struct pf_rule *rule, **old_array, *r; in pf_commit_rules() local
1124 while ((rule = TAILQ_FIRST(old_rules)) != NULL) { in pf_commit_rules()
1125 pf_rm_rule(old_rules, rule); in pf_commit_rules()
1225 sp->rule = s->rule.ptr->nr; in pf_state_export()
1283 s->rule.ptr = &pf_default_rule; in pf_state_import()
1322 struct pf_rule *rule; in pf_setup_pfsync_matching() local
1345 TAILQ_FOREACH(rule, rs->rules[rs_cnt].inactive.ptr, in pf_setup_pfsync_matching()
1347 pf_hash_rule(&ctx, rule); in pf_setup_pfsync_matching()
1348 (rs->rules[rs_cnt].inactive.ptr_array)[rule->nr] = rule; in pf_setup_pfsync_matching()
1756 struct pf_rule *rule; in pfioctl() local
1758 TAILQ_FOREACH(rule, in pfioctl()
1760 rule->evaluations = 0; in pfioctl()
1761 rule->packets[0] = rule->packets[1] = 0; in pfioctl()
1762 rule->bytes[0] = rule->bytes[1] = 0; in pfioctl()
2403 pf_expire_states_and_src_nodes(struct pf_rule *rule) in pf_expire_states_and_src_nodes() argument
2412 if (state->rule.ptr == rule) { in pf_expire_states_and_src_nodes()
2421 if (sn->rule.ptr != rule) { in pf_expire_states_and_src_nodes()
2446 struct pf_rule *rule) in pf_delete_rule_from_ruleset() argument
2451 pf_expire_states_and_src_nodes(rule); in pf_delete_rule_from_ruleset()
2453 pf_rm_rule(ruleset->rules[rs_num].active.ptr, rule); in pf_delete_rule_from_ruleset()
2482 struct pf_rule *rule = NULL; in pf_delete_rule_by_ticket() local
2489 pr->rule.owner, is_anchor, &error)) == NULL) { in pf_delete_rule_by_ticket()
2493 for (i = 0; i < PF_RULESET_MAX && rule == NULL; i++) { in pf_delete_rule_by_ticket()
2494 rule = TAILQ_FIRST(ruleset->rules[i].active.ptr); in pf_delete_rule_by_ticket()
2495 while (rule && (rule->ticket != pr->rule.ticket)) { in pf_delete_rule_by_ticket()
2496 rule = TAILQ_NEXT(rule, entries); in pf_delete_rule_by_ticket()
2499 if (rule == NULL) { in pf_delete_rule_by_ticket()
2506 if (strcmp(rule->owner, pr->rule.owner)) { in pf_delete_rule_by_ticket()
2512 if (rule->anchor && (ruleset != &pf_main_ruleset) && in pf_delete_rule_by_ticket()
2516 struct pf_rule *delete_rule = rule; in pf_delete_rule_by_ticket()
2526 rule = TAILQ_FIRST(ruleset->rules[i].active.ptr); in pf_delete_rule_by_ticket()
2527 while (rule && in pf_delete_rule_by_ticket()
2528 (rule->anchor != delete_ruleset->anchor)) { in pf_delete_rule_by_ticket()
2529 rule = TAILQ_NEXT(rule, entries); in pf_delete_rule_by_ticket()
2531 if (rule == NULL) { in pf_delete_rule_by_ticket()
2540 if ((rule->rule_flag & PFRULE_PFM) ^ req_dev) { in pf_delete_rule_by_ticket()
2541 if (rule->ticket != pr->rule.ticket) { in pf_delete_rule_by_ticket()
2563 if ((rule->rule_flag & PFRULE_PFM) ^ req_dev) { in pf_delete_rule_by_ticket()
2567 if (rule->rule_flag & PFRULE_PFM) { in pf_delete_rule_by_ticket()
2571 rule); in pf_delete_rule_by_ticket()
2591 struct pf_rule *rule, *next; in pf_delete_rule_by_owner() local
2595 rule = TAILQ_FIRST(pf_main_ruleset.rules[rs].active.ptr); in pf_delete_rule_by_owner()
2597 while (rule) { in pf_delete_rule_by_owner()
2598 next = TAILQ_NEXT(rule, entries); in pf_delete_rule_by_owner()
2603 if ((rule->rule_flag & PFRULE_PFM) ^ req_dev) { in pf_delete_rule_by_owner()
2604 rule = next; in pf_delete_rule_by_owner()
2605 } else if (rule->anchor) { in pf_delete_rule_by_owner()
2606 if (((strcmp(rule->owner, owner)) == 0) || in pf_delete_rule_by_owner()
2607 ((strcmp(rule->owner, "")) == 0)) { in pf_delete_rule_by_owner()
2608 if (rule->anchor->ruleset.rules[rs].active.rcount > 0) { in pf_delete_rule_by_owner()
2615 &rule->anchor->ruleset; in pf_delete_rule_by_owner()
2616 rule = TAILQ_FIRST(ruleset->rules[rs].active.ptr); in pf_delete_rule_by_owner()
2619 if (rule->rule_flag & in pf_delete_rule_by_owner()
2623 pf_delete_rule_from_ruleset(ruleset, rs, rule); in pf_delete_rule_by_owner()
2625 rule = next; in pf_delete_rule_by_owner()
2628 rule = next; in pf_delete_rule_by_owner()
2631 if (((strcmp(rule->owner, owner)) == 0)) { in pf_delete_rule_by_owner()
2633 if (rule->rule_flag & PFRULE_PFM) { in pf_delete_rule_by_owner()
2637 rs, rule); in pf_delete_rule_by_owner()
2640 rule = next; in pf_delete_rule_by_owner()
2642 if (rule == NULL) { in pf_delete_rule_by_owner()
2649 rs, &rule); in pf_delete_rule_by_owner()
2661 struct pf_rule *rule = *rule_ptr; in pf_deleterule_anchor_step_out() local
2668 rule = TAILQ_FIRST(ruleset->rules[rs].active.ptr); in pf_deleterule_anchor_step_out()
2669 while (rule && (rule->anchor != rs_copy->anchor)) { in pf_deleterule_anchor_step_out()
2670 rule = TAILQ_NEXT(rule, entries); in pf_deleterule_anchor_step_out()
2672 if (rule == NULL) { in pf_deleterule_anchor_step_out()
2675 if (rule->anchor->ruleset.rules[rs].active.rcount > 0) { in pf_deleterule_anchor_step_out()
2676 rule = TAILQ_NEXT(rule, entries); in pf_deleterule_anchor_step_out()
2680 *rule_ptr = rule; in pf_deleterule_anchor_step_out()
2691 pf_rule_setup(struct pfioc_rule *pr, struct pf_rule *rule, in pf_rule_setup() argument
2697 if (rule->ifname[0]) { in pf_rule_setup()
2698 rule->kif = pfi_kif_get(rule->ifname); in pf_rule_setup()
2699 if (rule->kif == NULL) { in pf_rule_setup()
2700 pool_put(&pf_rule_pl, rule); in pf_rule_setup()
2703 pfi_kif_ref(rule->kif, PFI_KIF_REF_RULE); in pf_rule_setup()
2705 if (rule->tagname[0]) { in pf_rule_setup()
2706 if ((rule->tag = pf_tagname2tag(rule->tagname)) == 0) { in pf_rule_setup()
2710 if (rule->match_tagname[0]) { in pf_rule_setup()
2711 if ((rule->match_tag = in pf_rule_setup()
2712 pf_tagname2tag(rule->match_tagname)) == 0) { in pf_rule_setup()
2716 if (rule->rt && !rule->direction) { in pf_rule_setup()
2720 if (!rule->log) { in pf_rule_setup()
2721 rule->logif = 0; in pf_rule_setup()
2723 if (rule->logif >= PFLOGIFS_MAX) { in pf_rule_setup()
2727 pf_addrwrap_setup(&rule->src.addr); in pf_rule_setup()
2728 pf_addrwrap_setup(&rule->dst.addr); in pf_rule_setup()
2729 if (pf_rtlabel_add(&rule->src.addr) || in pf_rule_setup()
2730 pf_rtlabel_add(&rule->dst.addr)) { in pf_rule_setup()
2733 if (pfi_dynaddr_setup(&rule->src.addr, rule->af)) { in pf_rule_setup()
2736 if (pfi_dynaddr_setup(&rule->dst.addr, rule->af)) { in pf_rule_setup()
2739 if (pf_tbladdr_setup(ruleset, &rule->src.addr)) { in pf_rule_setup()
2742 if (pf_tbladdr_setup(ruleset, &rule->dst.addr)) { in pf_rule_setup()
2745 if (pf_anchor_setup(rule, ruleset, pr->anchor_call)) { in pf_rule_setup()
2753 if (rule->overload_tblname[0]) { in pf_rule_setup()
2754 if ((rule->overload_tbl = pfr_attach_table(ruleset, in pf_rule_setup()
2755 rule->overload_tblname)) == NULL) { in pf_rule_setup()
2758 rule->overload_tbl->pfrkt_flags |= in pf_rule_setup()
2763 pf_mv_pool(&pf_pabuf, &rule->rpool.list); in pf_rule_setup()
2765 if (((((rule->action == PF_NAT) || (rule->action == PF_RDR) || in pf_rule_setup()
2766 (rule->action == PF_BINAT) || (rule->action == PF_NAT64)) && in pf_rule_setup()
2767 rule->anchor == NULL) || in pf_rule_setup()
2768 (rule->rt > PF_FASTROUTE)) && in pf_rule_setup()
2769 (TAILQ_FIRST(&rule->rpool.list) == NULL)) { in pf_rule_setup()
2774 pf_rm_rule(NULL, rule); in pf_rule_setup()
2780 rule->rpool.af = (rule->action == PF_NAT64) ? AF_INET: rule->af; in pf_rule_setup()
2781 rule->rpool.cur = TAILQ_FIRST(&rule->rpool.list); in pf_rule_setup()
2782 rule->evaluations = rule->packets[0] = rule->packets[1] = in pf_rule_setup()
2783 rule->bytes[0] = rule->bytes[1] = 0; in pf_rule_setup()
2797 struct pf_rule *rule, *tail; in pfioctl_ioc_rule() local
2807 rs_num = pf_get_ruleset_number(pr->rule.action); in pfioctl_ioc_rule()
2812 if (pr->rule.return_icmp >> 8 > ICMP_MAXTYPE) { in pfioctl_ioc_rule()
2824 rule = pool_get(&pf_rule_pl, PR_WAITOK); in pfioctl_ioc_rule()
2825 if (rule == NULL) { in pfioctl_ioc_rule()
2829 pf_rule_copyin(&pr->rule, rule, p, minordev); in pfioctl_ioc_rule()
2831 if (rule->af == AF_INET) { in pfioctl_ioc_rule()
2832 pool_put(&pf_rule_pl, rule); in pfioctl_ioc_rule()
2840 rule->nr = tail->nr + 1; in pfioctl_ioc_rule()
2842 rule->nr = 0; in pfioctl_ioc_rule()
2845 if ((error = pf_rule_setup(pr, rule, ruleset))) { in pfioctl_ioc_rule()
2850 rule, entries); in pfioctl_ioc_rule()
2852 if (rule->rule_flag & PFRULE_PFM) { in pfioctl_ioc_rule()
2856 if (rule->action == PF_NAT64) { in pfioctl_ioc_rule()
2862 if (rule->rule_flag & PFRULE_PFM) { in pfioctl_ioc_rule()
2868 if (rule->action == PF_DUMMYNET) { in pfioctl_ioc_rule()
2875 if (rule->direction == PF_IN) { in pfioctl_ioc_rule()
2877 } else if (rule->direction == PF_OUT) { in pfioctl_ioc_rule()
2882 dn_event.dn_event_rule_config.af = rule->af; in pfioctl_ioc_rule()
2883 dn_event.dn_event_rule_config.proto = rule->proto; in pfioctl_ioc_rule()
2884 dn_event.dn_event_rule_config.src_port = rule->src.xport.range.port[0]; in pfioctl_ioc_rule()
2885 dn_event.dn_event_rule_config.dst_port = rule->dst.xport.range.port[0]; in pfioctl_ioc_rule()
2886 strlcpy(dn_event.dn_event_rule_config.ifname, rule->ifname, in pfioctl_ioc_rule()
2906 rs_num = pf_get_ruleset_number(pr->rule.action); in pfioctl_ioc_rule()
2923 struct pf_rule *rule; in pfioctl_ioc_rule() local
2933 rs_num = pf_get_ruleset_number(pr->rule.action); in pfioctl_ioc_rule()
2942 rule = TAILQ_FIRST(ruleset->rules[rs_num].active.ptr); in pfioctl_ioc_rule()
2943 while ((rule != NULL) && (rule->nr != pr->nr)) { in pfioctl_ioc_rule()
2944 rule = TAILQ_NEXT(rule, entries); in pfioctl_ioc_rule()
2946 if (rule == NULL) { in pfioctl_ioc_rule()
2950 pf_rule_copyout(rule, &pr->rule); in pfioctl_ioc_rule()
2951 if (pf_anchor_copyout(ruleset, rule, pr)) { in pfioctl_ioc_rule()
2955 pfi_dynaddr_copyout(&pr->rule.src.addr); in pfioctl_ioc_rule()
2956 pfi_dynaddr_copyout(&pr->rule.dst.addr); in pfioctl_ioc_rule()
2957 pf_tbladdr_copyout(&pr->rule.src.addr); in pfioctl_ioc_rule()
2958 pf_tbladdr_copyout(&pr->rule.dst.addr); in pfioctl_ioc_rule()
2959 pf_rtlabel_copyout(&pr->rule.src.addr); in pfioctl_ioc_rule()
2960 pf_rtlabel_copyout(&pr->rule.dst.addr); in pfioctl_ioc_rule()
2962 if (rule->skip[i].ptr == NULL) { in pfioctl_ioc_rule()
2963 pr->rule.skip[i].nr = -1; in pfioctl_ioc_rule()
2965 pr->rule.skip[i].nr = in pfioctl_ioc_rule()
2966 rule->skip[i].ptr->nr; in pfioctl_ioc_rule()
2971 rule->evaluations = 0; in pfioctl_ioc_rule()
2972 rule->packets[0] = rule->packets[1] = 0; in pfioctl_ioc_rule()
2973 rule->bytes[0] = rule->bytes[1] = 0; in pfioctl_ioc_rule()
3004 rs_num = pf_get_ruleset_number(pcr->rule.action); in pfioctl_ioc_rule()
3019 if (pcr->rule.return_icmp >> 8 > ICMP_MAXTYPE) { in pfioctl_ioc_rule()
3031 pf_rule_copyin(&pcr->rule, newrule, p, minordev); in pfioctl_ioc_rule()
3187 struct pf_rule *rule, *tail, *r; in pfioctl_ioc_rule() local
3196 pr->rule.owner, is_anchor, &error)) == NULL) { in pfioctl_ioc_rule()
3200 rs_num = pf_get_ruleset_number(pr->rule.action); in pfioctl_ioc_rule()
3205 if (pr->rule.return_icmp >> 8 > ICMP_MAXTYPE) { in pfioctl_ioc_rule()
3217 if (((strcmp(pr->rule.owner, in pfioctl_ioc_rule()
3233 rule = pool_get(&pf_rule_pl, PR_WAITOK); in pfioctl_ioc_rule()
3234 if (rule == NULL) { in pfioctl_ioc_rule()
3238 pf_rule_copyin(&pr->rule, rule, p, minordev); in pfioctl_ioc_rule()
3240 if (rule->af == AF_INET) { in pfioctl_ioc_rule()
3241 pool_put(&pf_rule_pl, rule); in pfioctl_ioc_rule()
3247 while ((r != NULL) && (rule->priority >= (unsigned)r->priority)) { in pfioctl_ioc_rule()
3254 rule->nr = tail->nr + 1; in pfioctl_ioc_rule()
3256 rule->nr = 0; in pfioctl_ioc_rule()
3259 rule->nr = r->nr; in pfioctl_ioc_rule()
3262 if ((error = pf_rule_setup(pr, rule, ruleset))) { in pfioctl_ioc_rule()
3266 if (rule->anchor != NULL) { in pfioctl_ioc_rule()
3267 strlcpy(rule->anchor->owner, rule->owner, in pfioctl_ioc_rule()
3272 TAILQ_INSERT_BEFORE(r, rule, entries); in pfioctl_ioc_rule()
3278 rule, entries); in pfioctl_ioc_rule()
3288 rule->ticket = VM_KERNEL_ADDRPERM((u_int64_t)(uintptr_t)rule); in pfioctl_ioc_rule()
3290 pr->rule.ticket = rule->ticket; in pfioctl_ioc_rule()
3291 pf_rule_copyout(rule, &pr->rule); in pfioctl_ioc_rule()
3292 if (rule->rule_flag & PFRULE_PFM) { in pfioctl_ioc_rule()
3295 if (rule->action == PF_NAT64) { in pfioctl_ioc_rule()
3301 if (rule->rule_flag & PFRULE_PFM) { in pfioctl_ioc_rule()
3316 if (pr->rule.return_icmp >> 8 > ICMP_MAXTYPE) { in pfioctl_ioc_rule()
3326 if (pr->rule.ticket) { in pfioctl_ioc_rule()
3331 pf_delete_rule_by_owner(pr->rule.owner, req_dev); in pfioctl_ioc_rule()
3334 if (pr->rule.action == PF_NAT64) { in pfioctl_ioc_rule()
3389 ((NULL == s->rule.ptr) || in pfioctl_ioc_state_kill()
3390 strcmp(psk->psk_ownername, s->rule.ptr->owner))) { in pfioctl_ioc_state_kill()
3431 ((NULL == s->rule.ptr) || in pfioctl_ioc_state_kill()
3432 strcmp(psk->psk_ownername, s->rule.ptr->owner))) { in pfioctl_ioc_state_kill()
4375 if (n->rule.ptr != NULL) { in pfioctl_ioc_src_nodes()
4376 pstore->rule.nr = n->rule.ptr->nr; in pfioctl_ioc_src_nodes()