sysutils/pftop: support newer PF and depend on osabi

* In order for pftop to be built successfully with newer PF
versions (> 4.1), additional patches are necessary which were taken
from OpenBSD's ports as seen in PR pkg/44339
* Pftop compiled for another PF version will not work (properly),
so to avoid any problems we must depend on the OS version

ok@ wiz

8 files changed, 962 insertions, 56 deletions

diff --git a/sysutils/pftop/Makefile b/sysutils/pftop/Makefile
index 0372f58945d..44b742e23a9 100644
--- a/sysutils/pftop/Makefile
+++ b/sysutils/pftop/Makefile
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.13 2010/05/25 21:06:29 wiz Exp $
+# $NetBSD: Makefile,v 1.14 2011/02/09 22:51:38 rumko Exp $
 
 DISTNAME=	pftop-0.7
+PKGREVISION=	1
 CATEGORIES=	sysutils net
 MASTER_SITES=	http://www.eee.metu.edu.tr/~canacar/
 
@@ -14,6 +15,7 @@ NO_CONFIGURE=	yes
 
 MAKE_ENV+=	OSLEVEL=${PF_VERSION:S/.//}
 CFLAGS+=	-I${PREFIX}/include
+OSVERSION_SPECIFIC=	yes
 
 INSTALLATION_DIRS=	${PKGMANDIR}/man8 sbin
 
diff --git a/sysutils/pftop/distinfo b/sysutils/pftop/distinfo
index 72f6f39bbb7..8ce19e0fd5d 100644
--- a/sysutils/pftop/distinfo
+++ b/sysutils/pftop/distinfo
@@ -1,16 +1,17 @@
-$NetBSD: distinfo,v 1.7 2010/09/18 20:48:23 wiz Exp $
+$NetBSD: distinfo,v 1.8 2011/02/09 22:51:38 rumko Exp $
 
 SHA1 (pftop-0.7.tar.gz) = 651afa532cfc8cf59c3598704deb9bf3788ac9e9
 RMD160 (pftop-0.7.tar.gz) = 0e0c09e5feeb07deba8b540233dcb946ba0b4508
 Size (pftop-0.7.tar.gz) = 59765 bytes
 SHA1 (patch-aa) = ff5c522223472188933a6ccbe9725190dc8ec1b5
-SHA1 (patch-ab) = 9e54f7d6f6e6c4c54f924b86080359efea9ba369
-SHA1 (patch-ac) = 4d5ffc354258fb39c0a4655457b0c78e4f5709cb
-SHA1 (patch-ad) = ca20a6cd1dd61aab5b41e6ee22b08dee7741a542
+SHA1 (patch-ab) = fccf6fe5348f24d00dbf26cbe1880b9298774c6b
+SHA1 (patch-ac) = 0bbbe06873c76393cc14c17f2f9a946ded71d068
+SHA1 (patch-ad) = a2999c5c42d96baf6bde55c2925f83aadee17394
 SHA1 (patch-ae) = 54619b846899a7c4f260191a772e41e1c07c178c
 SHA1 (patch-af) = 59b907b20fa215b3f0a1e690c9c71d2f7077e322
-SHA1 (patch-ag) = 7b3b0a9d7ac73df9c258ae27a8c75e6556574ee8
-SHA1 (patch-ah) = 7b2acf95c6f8ce5f0c621ed6c4fcee67a403ab88
+SHA1 (patch-ag) = 2e749dc45b2b91a1563bc1467b69775f595e4d03
+SHA1 (patch-ah) = 7adca5a484de91bf89e66d10ab645912068cd1c2
 SHA1 (patch-ai) = 629c1668eab0d819e590fb62b7afa6c85709fd15
 SHA1 (patch-aj) = 287b09d61d5e761c4f6842c37ed0b668b84beae9
 SHA1 (patch-ak) = 78622d902016fa559ae3090d9c8407337d7cd0ed
+SHA1 (patch-al) = 94f87c9655fd772e05e193da90617d12200a6ae5
diff --git a/sysutils/pftop/patches/patch-ab b/sysutils/pftop/patches/patch-ab
index a2b5a7a58cc..7d3e0bb9b15 100644
--- a/sysutils/pftop/patches/patch-ab
+++ b/sysutils/pftop/patches/patch-ab
@@ -1,4 +1,8 @@
-$NetBSD: patch-ab,v 1.5 2008/06/15 14:09:03 peter Exp $
+$NetBSD: patch-ab,v 1.6 2011/02/09 22:51:38 rumko Exp $
+$OpenBSD: patch-cache_c,v 1.1 2008/06/13 00:38:12 canacar Exp $
+
+* DragonFly compatibility
+* Patches to support PF > 4.1 taken from OpenBSD's ports
 
 --- cache.c.old	2008-06-14 17:43:59.000000000 +0200
 +++ cache.c	2008-06-15 01:15:37.000000000 +0200
@@ -22,3 +26,68 @@ $NetBSD: patch-ab,v 1.5 2008/06/15 14:09:03 peter Exp $
  TAILQ_HEAD(sc_queue, sc_ent) scq1, scq2, scq_free;
  RB_GENERATE(sc_tree, sc_ent, tlink, sc_cmp);
  
+@@ -118,12 +123,17 @@
+ 
+ 	cache_size--;
+ 
++#ifdef HAVE_PFSYNC_STATE
++	ent->id[0] = st->id[0];
++	ent->id[1] = st->id[1];
++#else
+ 	ent->addr[0] = st->lan.addr;
+ 	ent->port[0] = st->lan.port;
+ 	ent->addr[1] = st->ext.addr;
+ 	ent->port[1] = st->ext.port;
+ 	ent->af = st->af;
+ 	ent->proto = st->proto;
++#endif
+ #ifdef HAVE_INOUT_COUNT
+ 	ent->bytes = COUNTER(st->bytes[0]) + COUNTER(st->bytes[1]);
+ #else
+@@ -147,13 +157,17 @@
+ 	if (cache_max == 0)
+ 		return (NULL);
+ 
++#ifdef HAVE_PFSYNC_STATE
++	ent.id[0] = st->id[0];
++	ent.id[1] = st->id[1];
++#else
+ 	ent.addr[0] = st->lan.addr;
+ 	ent.port[0] = st->lan.port;
+ 	ent.addr[1] = st->ext.addr;
+ 	ent.port[1] = st->ext.port;
+ 	ent.af = st->af;
+ 	ent.proto = st->proto;
+-
++#endif
+ 	old = RB_FIND(sc_tree, &sctree, &ent);
+ 
+ 	if (old == NULL) {
+@@ -210,8 +224,18 @@
+ static __inline int
+ sc_cmp(struct sc_ent *a, struct sc_ent *b)
+ {
++#ifdef HAVE_PFSYNC_STATE
++	if (a->id[0] > b->id[0])
++		return (1);
++	if (a->id[0] < b->id[0])
++		return (-1);
++	if (a->id[1] > b->id[1])
++		return (1);
++	if (a->id[1] < b->id[1])
++		return (-1);
++#else	
+        	int diff;
+-	
++
+ 	if ((diff = a->proto - b->proto) != 0)
+ 		return (diff);
+ 	if ((diff = a->af - b->af) != 0)
+@@ -269,6 +293,6 @@
+ 		return (diff);
+ 	if ((diff = a->port[1] - b->port[1]) != 0)
+ 		return (diff);
+-
++#endif
+ 	return (0);
+ }
diff --git a/sysutils/pftop/patches/patch-ac b/sysutils/pftop/patches/patch-ac
index f9c190c841f..c463879d477 100644
--- a/sysutils/pftop/patches/patch-ac
+++ b/sysutils/pftop/patches/patch-ac
@@ -1,25 +1,32 @@
-$NetBSD: patch-ac,v 1.3 2008/06/15 14:09:03 peter Exp $
+$NetBSD: patch-ac,v 1.4 2011/02/09 22:51:38 rumko Exp $
+$OpenBSD: patch-config_h,v 1.5 2009/11/30 09:56:39 sthen Exp $
+
+Patches to support PF > 4.1 taken from OpenBSD's ports.
 
 --- config.h.old	2008-06-15 01:19:59.000000000 +0200
 +++ config.h	2008-06-15 12:16:51.000000000 +0200
-@@ -42,7 +42,9 @@
- #if OS_LEVEL > 32
- #define HAVE_ADDR_MASK
- #define HAVE_ADDR_TYPE
-+#ifndef __NetBSD__
- #define HAVE_ALTQ
-+#endif /* !__NetBSD__ */
- #define HAVE_RULE_TOS
- #define HAVE_OP_RRG
- #endif
-@@ -64,6 +66,10 @@
- 
- #if OS_LEVEL > 37
- #define HAVE_INOUT_COUNT_RULES
-+#ifdef __NetBSD__
-+/* NetBSD has pf/ALTQ since 4.0, which shipped with pf 3.7 */
-+#define HAVE_ALTQ
-+#endif /* __NetBSD__ */
+@@ -74,11 +74,24 @@
+ #define HAVE_PFSYNC_STATE
  #endif
  
- #if OS_LEVEL > 38
++#if OS_LEVEL > 43
++#define HAVE_PFSYNC_KEY
++#define HAVE_NETWORK_ORDER
++#endif
++
++/* #if OS_LEVEL > 46 */
++#undef HAVE_RULE_NATPASS
++/* #endif */
++
+ #ifdef HAVE_PFSYNC_STATE
+ typedef struct pfsync_state pf_state_t;
+ typedef struct pfsync_state_host pf_state_host_t;
+ typedef struct pfsync_state_peer pf_state_peer_t;
++#ifdef HAVE_NETWORK_ORDER
++#define COUNTER(c) ((((u_int64_t) ntohl(c[0]))<<32) + ntohl(c[1]))
++#else
+ #define COUNTER(c) ((((u_int64_t) c[0])<<32) + c[1])
++#endif
+ #define pfs_ifname ifname
+ #else
+ typedef struct pf_state pf_state_t;
diff --git a/sysutils/pftop/patches/patch-ad b/sysutils/pftop/patches/patch-ad
index 19cafd7e2ce..69fb9fc7210 100644
--- a/sysutils/pftop/patches/patch-ad
+++ b/sysutils/pftop/patches/patch-ad
@@ -1,4 +1,8 @@
-$NetBSD: patch-ad,v 1.2 2010/09/18 20:48:23 wiz Exp $
+$NetBSD: patch-ad,v 1.3 2011/02/09 22:51:38 rumko Exp $
+$OpenBSD: patch-engine_c,v 1.1 2008/06/13 00:38:12 canacar Exp $
+
+* DragonFly compatibility
+* Patches to support PF > 4.1 taken from OpenBSD's ports.
 
 --- engine.c.orig	2007-11-07 07:35:44 +0100
 +++ engine.c	2009-11-17 00:31:46 +0100
@@ -66,7 +70,17 @@ $NetBSD: patch-ad,v 1.2 2010/09/18 20:48:23 wiz Exp $
  }
  
  void
-@@ -905,12 +910,6 @@
+@@ -809,6 +814,9 @@
+ {
+ 	order_type *o, *oc;
+ 
++	if (curr_view->mgr->order_list == NULL)
++		return;
++
+ 	oc = curr_view->mgr->order_curr;
+ 
+ 	for (o = curr_view->mgr->order_list; o->name != NULL; o++) {
+@@ -905,12 +913,6 @@
  }
  
  void
@@ -79,7 +93,7 @@ $NetBSD: patch-ad,v 1.2 2010/09/18 20:48:23 wiz Exp $
  setup_term(int dmax)
  {
  	max_disp = dmax;
-@@ -941,8 +940,9 @@
+@@ -941,8 +943,9 @@
  		keypad(stdscr, TRUE);
  		intrflush(stdscr, FALSE);
  
@@ -90,7 +104,7 @@ $NetBSD: patch-ad,v 1.2 2010/09/18 20:48:23 wiz Exp $
  	}
  
  	if (dmax == 0)
-@@ -970,7 +970,6 @@
+@@ -970,7 +973,6 @@
  	}
  	curr_message = NULL;
  	curr_cmd = cmd;
@@ -98,7 +112,7 @@ $NetBSD: patch-ad,v 1.2 2010/09/18 20:48:23 wiz Exp $
  	return prev;
  }
  
-@@ -987,7 +986,6 @@
+@@ -987,7 +989,6 @@
  
  int
  msgprintf(char *format, ...)
@@ -106,7 +120,7 @@ $NetBSD: patch-ad,v 1.2 2010/09/18 20:48:23 wiz Exp $
  {
  	static char buf[1024];
  	int len;
-@@ -1085,28 +1083,21 @@
+@@ -1085,28 +1086,21 @@
  	if (curr_message != NULL) {
  		if (ch > 0) {
  			curr_message = NULL;
@@ -135,7 +149,7 @@ $NetBSD: patch-ad,v 1.2 2010/09/18 20:48:23 wiz Exp $
  		break;
  	case 'v':
  		/* FALLTHROUGH */
-@@ -1124,49 +1115,40 @@
+@@ -1124,49 +1118,40 @@
  		/* FALLTHROUGH */
  	case CTRL_N:
  		dispstart++;
@@ -186,7 +200,7 @@ $NetBSD: patch-ad,v 1.2 2010/09/18 20:48:23 wiz Exp $
  		set_view_hotkey(ch);
  }
  
-@@ -1177,43 +1159,15 @@
+@@ -1177,43 +1162,15 @@
  	signal(SIGINT, sig_close);
  	signal(SIGQUIT, sig_close);
  	signal(SIGWINCH, sig_resize);
@@ -231,7 +245,7 @@ $NetBSD: patch-ad,v 1.2 2010/09/18 20:48:23 wiz Exp $
  		if (gotsig_close)
  			break;
  		if (gotsig_resize) {
-@@ -1221,13 +1175,31 @@
+@@ -1221,13 +1178,31 @@
  				endwin();
  			setup_term(max_disp);
  			gotsig_resize = 0;
diff --git a/sysutils/pftop/patches/patch-ag b/sysutils/pftop/patches/patch-ag
index 978d789dded..47027cc9792 100644
--- a/sysutils/pftop/patches/patch-ag
+++ b/sysutils/pftop/patches/patch-ag
@@ -1,4 +1,8 @@
-$NetBSD: patch-ag,v 1.2 2010/09/18 20:48:23 wiz Exp $
+$NetBSD: patch-ag,v 1.3 2011/02/09 22:51:38 rumko Exp $
+$OpenBSD: patch-pftop_c,v 1.13 2009/12/02 22:59:29 sthen Exp $
+
+* DragonFly compatibility
+* Patches to support PF > 4.1 taken from OpenBSD's ports.
 
 --- pftop.c.orig	2007-11-07 07:36:46 +0100
 +++ pftop.c	2009-11-16 23:37:03 +0100
@@ -44,7 +48,21 @@ $NetBSD: patch-ag,v 1.2 2010/09/18 20:48:23 wiz Exp $
  #include <netdb.h>
  #include <signal.h>
  #include <stdio.h>
-@@ -371,6 +391,9 @@
+@@ -127,6 +147,13 @@
+ #define PT_NOROUTE(x) (0)
+ #endif
+ 
++#ifdef HAVE_NETWORK_ORDER
++#define PF_TSTAMP(x) ntohl(x)
++#else
++#define PF_TSTAMP(x) (x)
++#endif
++
++
+ /* view management */
+ int select_states(void);
+ int read_states(void);
+@@ -371,6 +398,9 @@
  	class_stats_t		cbq_stats;
  	struct priq_classstats	priq_stats;
  	struct hfsc_classstats	hfsc_stats;
@@ -54,7 +72,198 @@ $NetBSD: patch-ag,v 1.2 2010/09/18 20:48:23 wiz Exp $
  };
  
  struct queue_stats {
-@@ -736,7 +759,7 @@
+@@ -445,11 +475,11 @@
+ int
+ sort_age_callback(const void *s1, const void *s2)
+ {
+-	if (state_buf[* (u_int32_t *) s2].creation >
+-	    state_buf[* (u_int32_t *) s1].creation)
++	if (PF_TSTAMP(state_buf[* (u_int32_t *) s2].creation) >
++	    PF_TSTAMP(state_buf[* (u_int32_t *) s1].creation))
+ 		return sortdir;
+-	if (state_buf[* (u_int32_t *) s2].creation <
+-	    state_buf[* (u_int32_t *) s1].creation)
++	if (PF_TSTAMP(state_buf[* (u_int32_t *) s2].creation) <
++	    PF_TSTAMP(state_buf[* (u_int32_t *) s1].creation))
+ 		return -sortdir;
+ 	return 0;
+ }
+@@ -457,11 +487,11 @@
+ int
+ sort_exp_callback(const void *s1, const void *s2)
+ {
+-	if (state_buf[* (u_int32_t *) s2].expire >
+-	    state_buf[* (u_int32_t *) s1].expire)
++	if (PF_TSTAMP(state_buf[* (u_int32_t *) s2].expire) >
++	    PF_TSTAMP(state_buf[* (u_int32_t *) s1].expire))
+ 		return sortdir;
+-	if (state_buf[* (u_int32_t *) s2].expire <
+-	    state_buf[* (u_int32_t *) s1].expire)
++	if (PF_TSTAMP(state_buf[* (u_int32_t *) s2].expire) <
++	    PF_TSTAMP(state_buf[* (u_int32_t *) s1].expire))
+ 		return -sortdir;
+ 	return 0;
+ }
+@@ -535,6 +565,115 @@
+ 	return 0;
+ }
+ 
++#ifdef HAVE_PFSYNC_KEY
++
++#ifdef __GNUC__
++__inline__
++#endif
++int
++sort_addr_callback(const pf_state_t *s1,
++		   const pf_state_t *s2, int dir)
++{
++	const struct pf_addr *aa, *ab;
++	u_int16_t pa, pb;
++	int af, ret, ii, io;
++
++	af = s1->af;
++
++
++	if (af > s2->af)
++		return sortdir;
++	if (af < s2->af)
++		return -sortdir;
++	
++       	ii = io = 0;
++
++	if (dir == PF_OUT)	/* looking for source addr */
++		io = 1;
++	else			/* looking for dest addr */
++		ii = 1;
++	
++	if (s1->direction == PF_IN) {
++		aa = &s1->key[PF_SK_STACK].addr[ii];
++		pa =  s1->key[PF_SK_STACK].port[ii];
++	} else {
++		aa = &s1->key[PF_SK_WIRE].addr[io];
++		pa =  s1->key[PF_SK_WIRE].port[io];
++	}
++
++	if (s2->direction == PF_IN) {
++		ab = &s2->key[PF_SK_STACK].addr[ii];;
++		pb =  s2->key[PF_SK_STACK].port[ii];
++	} else {
++		ab = &s2->key[PF_SK_WIRE].addr[io];;
++		pb =  s2->key[PF_SK_WIRE].port[io];
++	}
++
++	ret = compare_addr(af, aa, ab);
++	if (ret)
++		return ret * sortdir;
++
++	if (ntohs(pa) > ntohs(pb))
++		return sortdir;
++	return -sortdir;
++}
++
++#ifdef __GNUC__
++__inline__
++#endif
++int
++sort_port_callback(const pf_state_t *s1,
++		   const pf_state_t *s2, int dir)
++{
++	const struct pf_addr *aa, *ab;
++	u_int16_t pa, pb;
++	int af, ret, ii, io;
++
++	af = s1->af;
++
++
++	if (af > s2->af)
++		return sortdir;
++	if (af < s2->af)
++		return -sortdir;
++	
++       	ii = io = 0;
++
++	if (dir == PF_OUT)	/* looking for source addr */
++		io = 1;
++	else			/* looking for dest addr */
++		ii = 1;
++	
++	if (s1->direction == PF_IN) {
++		aa = &s1->key[PF_SK_STACK].addr[ii];
++		pa =  s1->key[PF_SK_STACK].port[ii];
++	} else {
++		aa = &s1->key[PF_SK_WIRE].addr[io];
++		pa =  s1->key[PF_SK_WIRE].port[io];
++	}
++
++	if (s2->direction == PF_IN) {
++		ab = &s2->key[PF_SK_STACK].addr[ii];;
++		pb =  s2->key[PF_SK_STACK].port[ii];
++	} else {
++		ab = &s2->key[PF_SK_WIRE].addr[io];;
++		pb =  s2->key[PF_SK_WIRE].port[io];
++	}
++
++
++	if (ntohs(pa) > ntohs(pb))
++		return sortdir;
++	if (ntohs(pa) < ntohs(pb))
++		return - sortdir;
++
++	ret = compare_addr(af, aa, ab);
++	if (ret)
++		return ret * sortdir;
++	return -sortdir;
++}
++
++#else	/* HAVE_PFSYNC_KEY */
++
+ #ifdef __GNUC__
+ __inline__
+ #endif
+@@ -573,20 +712,6 @@
+ 	return -sortdir;
+ }
+ 
+-int sort_sa_callback(const void *p1, const void *p2)
+-{
+-	pf_state_t *s1 = state_buf + (* (u_int32_t *) p1);
+-	pf_state_t *s2 = state_buf + (* (u_int32_t *) p2);
+-	return sort_addr_callback(s1, s2, PF_OUT);
+-}
+-
+-int sort_da_callback(const void *p1, const void *p2)
+-{
+-	pf_state_t *s1 = state_buf + (* (u_int32_t *) p1);
+-	pf_state_t *s2 = state_buf + (* (u_int32_t *) p2);
+-	return sort_addr_callback(s1, s2, PF_IN);
+-}
+-
+ #ifdef __GNUC__
+ __inline__
+ #endif
+@@ -625,6 +750,21 @@
+ 		return sortdir;
+ 	return -sortdir;
+ }
++#endif	/* HAVE_PFSYNC_KEY */
++
++int sort_sa_callback(const void *p1, const void *p2)
++{
++	pf_state_t *s1 = state_buf + (* (u_int32_t *) p1);
++	pf_state_t *s2 = state_buf + (* (u_int32_t *) p2);
++	return sort_addr_callback(s1, s2, PF_OUT);
++}
++
++int sort_da_callback(const void *p1, const void *p2)
++{
++	pf_state_t *s1 = state_buf + (* (u_int32_t *) p1);
++	pf_state_t *s2 = state_buf + (* (u_int32_t *) p2);
++	return sort_addr_callback(s1, s2, PF_IN);
++}
+ 
+ int
+ sort_sp_callback(const void *p1, const void *p2)
+@@ -736,7 +876,7 @@
  	} else {
  		num_states = 0;
  		for (n = 0; n<num_states_all; n++)
@@ -63,7 +272,7 @@ $NetBSD: patch-ag,v 1.2 2010/09/18 20:48:23 wiz Exp $
  			    sizeof(pf_state_t), sizeof(pf_state_t)) > 0)
  				state_ord[num_states++] = n;
  	}
-@@ -828,7 +851,7 @@
+@@ -828,7 +968,7 @@
  		tbprintf(" PAUSED");
  
  	if (rawmode)
@@ -72,7 +281,7 @@ $NetBSD: patch-ag,v 1.2 2010/09/18 20:48:23 wiz Exp $
  	else
  		mvprintw(0, 0, "%s", tmp_buf);
  
-@@ -843,7 +866,10 @@
+@@ -843,7 +983,10 @@
  		len = columns - strlen(tmp_buf);
  		if (len < 0)
  			len = 0;
@@ -84,7 +293,122 @@ $NetBSD: patch-ag,v 1.2 2010/09/18 20:48:23 wiz Exp $
  	}
  
  	tb_end();
-@@ -1244,7 +1270,6 @@
+@@ -865,7 +1008,48 @@
+ 			tbprintf("/%u", unmask(mask, af));
+ 	}
+ }
++#ifdef HAVE_PFSYNC_KEY
++void
++print_fld_host2(field_def *fld, struct pfsync_state_key *ks,
++		struct pfsync_state_key *kn, int idx, int af)
++{
++	struct pf_addr *as = &ks->addr[idx];
++	struct pf_addr *an = &kn->addr[idx];
++
++	u_int16_t ps = ntohs(ks->port[idx]);
++	u_int16_t pn = ntohs(kn->port[idx]);
++
++	if (fld == NULL)
++		return;
++
++	if (fld->width < 3) {
++		print_fld_str(fld, "*");
++		return;
++	}
++
++	tb_start();
++	tb_print_addr(as, NULL, af);
++
++	if (af == AF_INET)
++		tbprintf(":%u", ps);
++	else
++		tbprintf("[%u]", ps);
++
++	print_fld_tb(fld);
++
++	if (PF_ANEQ(as, an, af) || ps != pn) {
++		tb_start();
++		tb_print_addr(an, NULL, af);
+ 
++		if (af == AF_INET)
++			tbprintf(":%u", pn);
++		else
++			tbprintf("[%u]", pn);
++		print_fld_tb(FLD_GW);
++	}
++
++}
++#else
+ void
+ print_fld_host(field_def *fld, pf_state_host_t * h, int af)
+ {
+@@ -889,6 +1073,7 @@
+ 
+ 	print_fld_tb(fld);
+ }
++#endif
+ 
+ void
+ print_fld_state(field_def *fld, unsigned int proto,
+@@ -960,6 +1145,19 @@
+ 	else
+ 		print_fld_uint(FLD_PROTO, s->proto);
+ 
++#ifdef HAVE_PFSYNC_KEY
++	if (s->direction == PF_OUT) {
++		print_fld_host2(FLD_SRC, &s->key[PF_SK_WIRE],
++		    &s->key[PF_SK_STACK], 1, s->af);
++		print_fld_host2(FLD_DEST, &s->key[PF_SK_WIRE],
++		    &s->key[PF_SK_STACK], 0, s->af);
++	} else {
++		print_fld_host2(FLD_SRC, &s->key[PF_SK_STACK],
++		    &s->key[PF_SK_WIRE], 0, s->af);
++		print_fld_host2(FLD_DEST, &s->key[PF_SK_STACK],
++		    &s->key[PF_SK_WIRE], 1, s->af);
++	}
++#else
+ 	if (s->direction == PF_OUT) {
+ 		print_fld_host(FLD_SRC, &s->lan, s->af);
+ 		print_fld_host(FLD_DEST, &s->ext, s->af);
+@@ -972,6 +1170,7 @@
+ 	    (s->lan.port != s->gwy.port)) {
+ 		print_fld_host(FLD_GW, &s->gwy, s->af);
+ 	}
++#endif
+ 
+ 	if (s->direction == PF_OUT)
+ 		print_fld_str(FLD_DIR, "Out");
+@@ -979,8 +1178,8 @@
+ 		print_fld_str(FLD_DIR, "In");
+ 
+ 	print_fld_state(FLD_STATE, s->proto, src->state, dst->state);
+-	print_fld_age(FLD_AGE, s->creation);
+-	print_fld_age(FLD_EXP, s->expire);
++	print_fld_age(FLD_AGE, PF_TSTAMP(s->creation));
++	print_fld_age(FLD_EXP, PF_TSTAMP(s->expire));
+ #ifdef HAVE_INOUT_COUNT
+ 	{
+ 		u_int64_t sz = COUNTER(s->bytes[0]) + COUNTER(s->bytes[1]);
+@@ -988,14 +1187,14 @@
+ 		print_fld_size(FLD_PKTS, COUNTER(s->packets[0]) +
+ 			       COUNTER(s->packets[1]));
+ 		print_fld_size(FLD_BYTES, sz);
+-		print_fld_rate(FLD_SA, (s->creation > 0) ?
+-			       ((double)sz/(double)s->creation) : -1);
++		print_fld_rate(FLD_SA, (s->creation) ?
++			       ((double)sz/PF_TSTAMP((double)s->creation)) : -1);
+ 	}
+ #else
+ 	print_fld_size(FLD_PKTS, s->packets);
+ 	print_fld_size(FLD_BYTES, s->bytes);
+-	print_fld_rate(FLD_SA, (s->creation > 0) ?
+-		       ((double)s->bytes/(double)s->creation) : -1);
++	print_fld_rate(FLD_SA, (s->creation) ?
++		       ((double)s->bytes/PF_TSTAMP((double)s->creation)) : -1);
+ 
+ #endif
+ #ifdef HAVE_PFSYNC_STATE
+@@ -1244,7 +1443,6 @@
  		FLD_ANCHOR->max_width = mx;
  		FLD_ANCHOR->norm_width = nx;
  		field_setup();
@@ -92,7 +416,7 @@ $NetBSD: patch-ag,v 1.2 2010/09/18 20:48:23 wiz Exp $
  	}
  }
  #endif
-@@ -1279,7 +1304,6 @@
+@@ -1279,7 +1477,6 @@
  			FLD_LABEL->norm_width = nw;
  			FLD_LABEL->max_width = mw;
  			field_setup();
@@ -100,7 +424,120 @@ $NetBSD: patch-ag,v 1.2 2010/09/18 20:48:23 wiz Exp $
  		}
  	}
  #endif
-@@ -1924,6 +1948,10 @@
+@@ -1458,8 +1655,9 @@
+ void
+ print_rule(struct pf_rule *pr)
+ {
+-	static const char *actiontypes[] = { "Pass", "Block", "Scrub", "Nat",
+-	    "no Nat", "Binat", "no Binat", "Rdr", "no Rdr" };
++	static const char *actiontypes[] = { "Pass", "Block", "Scrub",
++	    "no Scrub", "Nat", "no Nat", "Binat", "no Binat", "Rdr",
++	    "no Rdr", "SynProxy Block", "Defer", "Match" };
+ 	int numact = sizeof(actiontypes) / sizeof(char *);
+ 
+ #ifdef HAVE_PF_ROUTE
+@@ -1475,8 +1673,12 @@
+ 	print_fld_str(FLD_LABEL, pr->label);
+ #endif
+ #ifdef HAVE_RULE_STATES
++#ifdef HAVE_PFSYNC_KEY
++	print_fld_size(FLD_STATS, pr->states_tot);
++#else
+ 	print_fld_size(FLD_STATS, pr->states);
+ #endif
++#endif
+ 
+ #ifdef HAVE_INOUT_COUNT_RULES
+ 	print_fld_size(FLD_PKTS, pr->packets[0] + pr->packets[1]);
+@@ -1486,7 +1688,13 @@
+ 	print_fld_size(FLD_BYTES, pr->bytes);
+ #endif
+ 	print_fld_uint(FLD_RULE, pr->nr);
+-	print_fld_str(FLD_DIR, pr->direction == PF_OUT ? "Out" : "In");
++	if (pr->direction == PF_OUT)
++		print_fld_str(FLD_DIR, "Out");
++	else if (pr->direction == PF_IN)
++		print_fld_str(FLD_DIR, "In");
++	else
++		print_fld_str(FLD_DIR, "Any");
++
+ 	if (pr->quick)
+ 		print_fld_str(FLD_QUICK, "Quick");
+ 
+@@ -1729,12 +1937,19 @@
+ 			prev->next = node;
+ 		}
+ 	}
+-	if (*root != node) {
+-		struct pf_altq_node	*prev_flat = *root;
+-		while (prev_flat->next_flat != NULL) {
+-			prev_flat = prev_flat->next_flat;
+-		}
+-		prev_flat->next_flat = node;
++}
++
++void
++pfctl_set_next_flat(struct pf_altq_node *node, struct pf_altq_node *up)
++{
++	while (node) {
++		struct pf_altq_node *next = node->next ? node->next : up;
++		if (node->children) {
++			node->next_flat = node->children;
++			pfctl_set_next_flat(node->children, next);
++		} else
++			node->next_flat = next;
++		node = node->next;
+ 	}
+ }
+ 
+@@ -1747,6 +1962,7 @@
+ 	u_int32_t		 nr;
+ 	struct queue_stats	 qstats;
+ 	u_int32_t		 nr_queues;
++	int			 ret = 0;
+ 
+ 	*inserts = 0;
+ 	memset(&pa, 0, sizeof(pa));
+@@ -1757,13 +1973,15 @@
+ 			  strerror(errno));
+ 		return (-1);
+ 	}
++
+ 	num_queues = nr_queues = pa.nr;
+ 	for (nr = 0; nr < nr_queues; ++nr) {
+ 		pa.nr = nr;
+ 		if (ioctl(pf_dev, DIOCGETALTQ, &pa)) {
+ 			msgprintf("Error Reading Queue (DIOCGETALTQ): %s",
+ 				  strerror(errno));
+-			return (-1);
++			ret = -1;
++			break;
+ 		}
+ 		if (pa.altq.qid > 0) {
+ 			pq.nr = nr;
+@@ -1773,7 +1991,8 @@
+ 			if (ioctl(pf_dev, DIOCGETQSTATS, &pq)) {
+ 				msgprintf("Error Reading Queue (DIOCGETQSTATS): %s",
+ 					  strerror(errno));
+-				return (-1);
++				ret = -1;
++				break;
+ 			}
+ 			qstats.valid = 1;
+ 			gettimeofday(&qstats.timestamp, NULL);
+@@ -1794,7 +2013,10 @@
+ 		else
+ 			--num_queues;
+ 	}
+-	return (0);
++
++	pfctl_set_next_flat(*root, NULL);
++
++	return (ret);
+ }
+ 
+ void
+@@ -1924,6 +2146,10 @@
  	    node->altq.scheduler == ALTQT_HFSC
  		)
  		print_fld_bw(FLD_BANDW, (double)node->altq.bandwidth);
@@ -111,7 +548,7 @@ $NetBSD: patch-ag,v 1.2 2010/09/18 20:48:23 wiz Exp $
  	
  	if (node->altq.priority != DEFAULT_PRIORITY)
  		print_fld_uint(FLD_PRIO,
-@@ -1992,6 +2020,26 @@
+@@ -1992,6 +2218,26 @@
  					node->qstats_last.data.hfsc_stats.xmit_cnt.bytes, interval);
  		}
  		break;
@@ -138,7 +575,7 @@ $NetBSD: patch-ag,v 1.2 2010/09/18 20:48:23 wiz Exp $
  	}
  
  	/* if (node->altq.scheduler != ALTQT_HFSC && interval > 0) { */
-@@ -2041,11 +2089,9 @@
+@@ -2041,11 +2287,9 @@
  	if (cachestates) {
  		show_field(FLD_SI);
  		show_field(FLD_SP);
@@ -150,7 +587,7 @@ $NetBSD: patch-ag,v 1.2 2010/09/18 20:48:23 wiz Exp $
  	}
  	field_setup();
  }
-@@ -2105,8 +2151,10 @@
+@@ -2105,8 +2349,10 @@
  	line++;
  	mvprintw(line++, 6, "press any key to continue ...");
  
@@ -163,7 +600,7 @@ $NetBSD: patch-ag,v 1.2 2010/09/18 20:48:23 wiz Exp $
  }
  
  
-@@ -2142,7 +2190,6 @@
+@@ -2142,7 +2388,6 @@
  	del = atoi(cmdbuf);
  	if (del > 0) {
  		delay = del;
@@ -171,7 +608,7 @@ $NetBSD: patch-ag,v 1.2 2010/09/18 20:48:23 wiz Exp $
  	}
  }
  
-@@ -2175,7 +2222,6 @@
+@@ -2175,7 +2420,6 @@
  		/* FALLTHROUGH */
  	case 'h':
  		show_help();
@@ -179,7 +616,7 @@ $NetBSD: patch-ag,v 1.2 2010/09/18 20:48:23 wiz Exp $
  		break;
  	case 'n':
  		command_set(&cm_count, NULL);
-@@ -2349,8 +2395,6 @@
+@@ -2349,8 +2593,6 @@
  	if (rawmode && countmax == 0)
  		countmax = 1;
  
diff --git a/sysutils/pftop/patches/patch-ah b/sysutils/pftop/patches/patch-ah
index 6ace5c3bdd9..9c92be671c7 100644
--- a/sysutils/pftop/patches/patch-ah
+++ b/sysutils/pftop/patches/patch-ah
@@ -1,4 +1,8 @@
-$NetBSD: patch-ah,v 1.2 2010/09/18 20:48:23 wiz Exp $
+$NetBSD: patch-ah,v 1.3 2011/02/09 22:51:38 rumko Exp $
+$OpenBSD: patch-sf-gencode_c,v 1.1 2008/06/13 00:38:12 canacar Exp $
+
+* DragonFly compatibility
+* Patches to support PF > 4.1 taken from OpenBSD's ports.
 
 --- sf-gencode.c.orig	2007-11-07 07:34:18 +0100
 +++ sf-gencode.c	2010-09-16 01:35:22 +0200
@@ -37,7 +41,114 @@ $NetBSD: patch-ah,v 1.2 2010/09/18 20:48:23 wiz Exp $
  sf_error(const char *fmt, ...)
  {
  	va_list ap;
-@@ -482,8 +490,10 @@
+@@ -474,6 +482,106 @@
+ 			(bpf_int32)proto));
+ }
+ 
++#ifdef HAVE_PFSYNC_KEY
++static struct block *
++gen_hostop(bpf_u_int32 addr, bpf_u_int32 mask, int dir)
++{
++	struct block *b0, *b1, *b2, *bi, *bo;
++	const static int isrc_off = offsetof(pf_state_t, key[PF_SK_STACK].addr[0].v4);
++	const static int osrc_off = offsetof(pf_state_t, key[PF_SK_WIRE].addr[1].v4);
++	const static int idst_off = offsetof(pf_state_t, key[PF_SK_STACK].addr[1].v4);
++	const static int odst_off = offsetof(pf_state_t, key[PF_SK_WIRE].addr[0].v4);
++
++	const static int igwy1_off = offsetof(pf_state_t, key[PF_SK_WIRE].addr[0].v4);
++	const static int ogwy1_off = offsetof(pf_state_t, key[PF_SK_STACK].addr[1].v4);
++	const static int igwy2_off = offsetof(pf_state_t, key[PF_SK_WIRE].addr[1].v4);
++	const static int ogwy2_off = offsetof(pf_state_t, key[PF_SK_STACK].addr[0].v4);
++
++#if !defined(__DragonFly__)
++	addr = ntohl(addr);
++	mask = ntohl(mask);
++#endif
++
++	bi = gen_cmp(offsetof(pf_state_t, direction), BPF_B, (bpf_int32)PF_IN);
++	bo = gen_cmp(offsetof(pf_state_t, direction), BPF_B, (bpf_int32)PF_OUT);
++
++	switch (dir) {
++
++	case Q_SRC:
++		b1 = gen_mcmp(osrc_off, BPF_W, addr, mask);
++		gen_and(bo, b1);
++		b0 = gen_mcmp(isrc_off, BPF_W, addr, mask);
++		gen_and(bi, b0);
++		gen_or(b0, b1);
++		break;
++
++	case Q_DST:
++		b1 = gen_mcmp(odst_off, BPF_W, addr, mask);
++		gen_and(bo, b1);
++		b0 = gen_mcmp(idst_off, BPF_W, addr, mask);
++		gen_and(bi, b0);
++		gen_or(b0, b1);
++		break;
++
++	case Q_GATEWAY:
++		/* (in && (addr == igwy1 || addr == igwy2)) ||
++		   (out && (addr == ogwy1 || addr == ogwy2))  phew! */
++		b1 = gen_mcmp(igwy1_off, BPF_W, addr, mask);
++		b0 = gen_mcmp(igwy2_off, BPF_W, addr, mask);
++		gen_or(b0, b1);
++		gen_and(bi, b1);
++		b2 = gen_mcmp(ogwy1_off, BPF_W, addr, mask);
++		b0 = gen_mcmp(ogwy2_off, BPF_W, addr, mask);
++		gen_or(b2, b0);
++		gen_and(bo, b0);
++		gen_or(b0, b1);
++		break;
++
++	case Q_AND:
++		b1 = gen_mcmp(isrc_off, BPF_W, addr, mask);
++		b0 = gen_mcmp(idst_off, BPF_W, addr, mask);
++		gen_and(b0, b1);
++		gen_and(bi, b1);
++		b2 = gen_mcmp(osrc_off, BPF_W, addr, mask);
++		b0 = gen_mcmp(odst_off, BPF_W, addr, mask);
++		gen_and(b2, b0);
++		gen_and(bo, b0);
++		gen_or(b0, b1);
++		break;
++
++	case Q_OR:
++		b1 = gen_mcmp(isrc_off, BPF_W, addr, mask);
++		b0 = gen_mcmp(idst_off, BPF_W, addr, mask);
++		gen_or(b0, b1);
++		gen_and(bi, b1);
++		b2 = gen_mcmp(osrc_off, BPF_W, addr, mask);
++		b0 = gen_mcmp(odst_off, BPF_W, addr, mask);
++		gen_or(b2, b0);
++		gen_and(bo, b0);
++		gen_or(b0, b1);
++		break;
++
++	case Q_DEFAULT:
++		b1 = gen_mcmp(isrc_off, BPF_W, addr, mask);
++		b0 = gen_mcmp(idst_off, BPF_W, addr, mask);
++		gen_or(b0, b1);
++		b0 = gen_mcmp(osrc_off, BPF_W, addr, mask);
++		gen_or(b0, b1);
++		b0 = gen_mcmp(odst_off, BPF_W, addr, mask);
++		gen_or(b0, b1);
++		break;
++
++	default:
++		sf_error("Internal error: Invalid direcion specifier: %d", dir);
++	}
++
++	b0 = gen_linktype(ETHERTYPE_IP);
++	gen_and(b0, b1);
++
++	return b1;
++}
++
++#else
+ static struct block *
+ gen_hostop(bpf_u_int32 addr, bpf_u_int32 mask, int dir)
+ {
+@@ -482,8 +590,10 @@
  	const static int gwy_off = offsetof(pf_state_t, gwy.addr.v4);
  	const static int ext_off = offsetof(pf_state_t, ext.addr.v4);
  
@@ -48,7 +159,129 @@ $NetBSD: patch-ah,v 1.2 2010/09/18 20:48:23 wiz Exp $
  
  	switch (dir) {
  
-@@ -733,13 +743,17 @@
+@@ -542,6 +652,7 @@
+ 
+ 	return b1;
+ }
++#endif
+ 
+ static struct block *
+ gen_hostcmp6(u_int off, u_int32_t *a, u_int32_t *m)
+@@ -560,6 +671,105 @@
+ 	return b1;
+ }
+ 
++#ifdef HAVE_PFSYNC_KEY
++static struct block *
++gen_hostop6(struct in6_addr *addr, struct in6_addr *mask, int dir)
++
++{
++	struct block *b0, *b1, *b2, *bi, *bo;
++	u_int32_t *a, *m;
++	const static int isrc_off = offsetof(pf_state_t, key[PF_SK_STACK].addr[0].v6);
++	const static int osrc_off = offsetof(pf_state_t, key[PF_SK_WIRE].addr[1].v6);
++	const static int idst_off = offsetof(pf_state_t, key[PF_SK_STACK].addr[1].v6);
++	const static int odst_off = offsetof(pf_state_t, key[PF_SK_WIRE].addr[0].v6);
++
++	const static int igwy1_off = offsetof(pf_state_t, key[PF_SK_WIRE].addr[0].v6);
++	const static int ogwy1_off = offsetof(pf_state_t, key[PF_SK_STACK].addr[1].v6);
++	const static int igwy2_off = offsetof(pf_state_t, key[PF_SK_WIRE].addr[1].v6);
++	const static int ogwy2_off = offsetof(pf_state_t, key[PF_SK_STACK].addr[0].v6);
++
++	a = (u_int32_t *)addr;
++	m = (u_int32_t *)mask;
++
++	bi = gen_cmp(offsetof(pf_state_t, direction), BPF_B, (bpf_int32)PF_IN);
++	bo = gen_cmp(offsetof(pf_state_t, direction), BPF_B, (bpf_int32)PF_OUT);
++
++	switch (dir) {
++
++	case Q_SRC:
++		b1 = gen_hostcmp6(osrc_off, a, m);
++		gen_and(bo, b1);
++		b0 = gen_hostcmp6(isrc_off, a, m);
++		gen_and(bi, b0);
++		gen_or(b0, b1);
++		break;
++
++	case Q_DST:
++		b1 = gen_hostcmp6(odst_off, a, m);
++		gen_and(bo, b1);
++		b0 = gen_hostcmp6(idst_off, a, m);
++		gen_and(bi, b0);
++		gen_or(b0, b1);
++		break;
++
++	case Q_GATEWAY:
++		/* (in && (addr == igwy1 || addr == igwy2)) ||
++		   (out && (addr == ogwy1 || addr == ogwy2))  phew! */
++		b1 = gen_hostcmp6(igwy1_off, a, m);
++		b0 = gen_hostcmp6(igwy2_off, a, m);
++		gen_or(b0, b1);
++		gen_and(bi, b1);
++		b2 = gen_hostcmp6(ogwy1_off, a, m);
++		b0 = gen_hostcmp6(ogwy2_off, a, m);
++		gen_or(b2, b0);
++		gen_and(bo, b0);
++		gen_or(b0, b1);
++		break;
++
++	case Q_AND:
++		b1 = gen_hostcmp6(isrc_off, a, m);
++		b0 = gen_hostcmp6(idst_off, a, m);
++		gen_and(b0, b1);
++		gen_and(bi, b1);
++		b2 = gen_hostcmp6(osrc_off, a, m);
++		b0 = gen_hostcmp6(odst_off, a, m);
++		gen_and(b2, b0);
++		gen_and(bo, b0);
++		gen_or(b0, b1);
++		break;
++
++	case Q_OR:
++		b1 = gen_hostcmp6(isrc_off, a, m);
++		b0 = gen_hostcmp6(idst_off, a, m);
++		gen_or(b0, b1);
++		gen_and(bi, b1);
++		b2 = gen_hostcmp6(osrc_off, a, m);
++		b0 = gen_hostcmp6(odst_off, a, m);
++		gen_or(b2, b0);
++		gen_and(bo, b0);
++		gen_or(b0, b1);
++		break;
++
++	case Q_DEFAULT:
++		b1 = gen_hostcmp6(isrc_off, a, m);
++		b0 = gen_hostcmp6(idst_off, a, m);
++		gen_or(b0, b1);
++		b0 = gen_hostcmp6(osrc_off, a, m);
++		gen_or(b0, b1);
++		b0 = gen_hostcmp6(odst_off, a, m);
++		gen_or(b0, b1);
++		break;
++
++	default:
++		sf_error("Internal error: Invalid direcion specifier: %d", dir);
++	}
++
++	b0 = gen_linktype(ETHERTYPE_IPV6);
++	gen_and(b0, b1);
++
++	return b1;
++}
++#else
+ static struct block *
+ gen_hostop6(struct in6_addr *addr, struct in6_addr *mask, int dir)
+ {
+@@ -630,6 +840,7 @@
+ 	gen_and(b0, b1);
+ 	return b1;
+ }
++#endif
+ 
+ static const char *
+ get_modifier_by_id(int id)
+@@ -733,13 +944,17 @@
  		b1 = gen_proto(IPPROTO_ESP);
  		break;
  
@@ -66,7 +299,114 @@ $NetBSD: patch-ah,v 1.2 2010/09/18 20:48:23 wiz Exp $
  
  	default:
  		sf_error("Unknown protocol abbreviation");
-@@ -756,7 +770,9 @@
+@@ -748,6 +963,106 @@
+ 	return b1;
+ }
+ 
++#ifdef HAVE_PFSYNC_KEY
++struct block *
++gen_portop(int port, int proto, int dir)
++{
++	struct block *b0, *b1, *b2, *bi, *bo;
++	const static int isrc_off = offsetof(pf_state_t, key[PF_SK_STACK].port[0]);
++	const static int osrc_off = offsetof(pf_state_t, key[PF_SK_WIRE].port[1]);
++	const static int idst_off = offsetof(pf_state_t, key[PF_SK_STACK].port[1]);
++	const static int odst_off = offsetof(pf_state_t, key[PF_SK_WIRE].port[0]);
++
++	const static int igwy1_off = offsetof(pf_state_t, key[PF_SK_WIRE].port[0]);
++	const static int ogwy1_off = offsetof(pf_state_t, key[PF_SK_STACK].port[1]);
++	const static int igwy2_off = offsetof(pf_state_t, key[PF_SK_WIRE].port[1]);
++	const static int ogwy2_off = offsetof(pf_state_t, key[PF_SK_STACK].port[0]);
++
++#if !defined(__DragonFly__)
++	port = ntohs(port);
++#endif
++
++	bi = gen_cmp(offsetof(pf_state_t, direction), BPF_B, (bpf_int32)PF_IN);
++	bo = gen_cmp(offsetof(pf_state_t, direction), BPF_B, (bpf_int32)PF_OUT);
++
++	switch (dir) {
++
++	case Q_SRC:
++		b1 = gen_cmp(osrc_off, BPF_H, (bpf_int32)port);
++		gen_and(bo, b1);
++		b0 = gen_cmp(isrc_off, BPF_H, (bpf_int32)port);
++		gen_and(bi, b0);
++		gen_or(b0, b1);
++		break;
++
++	case Q_DST:
++		b1 = gen_cmp(odst_off, BPF_H, (bpf_int32)port);
++		gen_and(bo, b1);
++		b0 = gen_cmp(idst_off, BPF_H, (bpf_int32)port);
++		gen_and(bi, b0);
++		gen_or(b0, b1);
++		break;
++
++	case Q_GATEWAY:
++		/* (in && (addr == igwy1 || addr == igwy2)) ||
++		   (out && (addr == ogwy1 || addr == ogwy2))  phew! */
++		b1 = gen_cmp(igwy1_off, BPF_H, (bpf_int32)port);
++		b0 = gen_cmp(igwy2_off, BPF_H, (bpf_int32)port);
++		gen_or(b0, b1);
++		gen_and(bi, b1);
++		b2 = gen_cmp(ogwy1_off, BPF_H, (bpf_int32)port);
++		b0 = gen_cmp(ogwy2_off, BPF_H, (bpf_int32)port);
++		gen_or(b2, b0);
++		gen_and(bo, b0);
++		gen_or(b0, b1);
++		break;
++
++	case Q_AND:
++		b1 = gen_cmp(isrc_off, BPF_H, (bpf_int32)port);
++		b0 = gen_cmp(idst_off, BPF_H, (bpf_int32)port);
++		gen_and(b0, b1);
++		gen_and(bi, b1);
++		b2 = gen_cmp(osrc_off, BPF_H, (bpf_int32)port);
++		b0 = gen_cmp(odst_off, BPF_H, (bpf_int32)port);
++		gen_and(b2, b0);
++		gen_and(bo, b0);
++		gen_or(b0, b1);
++		break;
++
++	case Q_OR:
++		b1 = gen_cmp(isrc_off, BPF_H, (bpf_int32)port);
++		b0 = gen_cmp(idst_off, BPF_H, (bpf_int32)port);
++		gen_or(b0, b1);
++		gen_and(bi, b1);
++		b2 = gen_cmp(osrc_off, BPF_H, (bpf_int32)port);
++		b0 = gen_cmp(odst_off, BPF_H, (bpf_int32)port);
++		gen_or(b2, b0);
++		gen_and(bo, b0);
++		gen_or(b0, b1);
++		break;
++
++	case Q_DEFAULT:
++		b1 = gen_cmp(isrc_off, BPF_H, (bpf_int32)port);
++		b0 = gen_cmp(idst_off, BPF_H, (bpf_int32)port);
++		gen_or(b0, b1);
++		b0 = gen_cmp(osrc_off, BPF_H, (bpf_int32)port);
++		gen_or(b0, b1);
++		b0 = gen_cmp(odst_off, BPF_H, (bpf_int32)port);
++		gen_or(b0, b1);
++		break;
++
++	default:
++		sf_error("Internal error: Invalid direcion specifier: %d", dir);
++	}
++
++
++
++	b0 = gen_proto(proto);
++	gen_and(b0, b1);
++
++	return b1;
++}
++#else
+ struct block *
+ gen_portop(int port, int proto, int dir)
+ {
+@@ -756,7 +1071,9 @@
  	const static int gwy_off = offsetof(pf_state_t, gwy.port);
  	const static int ext_off = offsetof(pf_state_t, ext.port);
  
@@ -76,7 +416,15 @@ $NetBSD: patch-ah,v 1.2 2010/09/18 20:48:23 wiz Exp $
  
  	switch (dir) {
  
-@@ -1560,7 +1576,7 @@
+@@ -815,6 +1132,7 @@
+ 
+ 	return b1;
+ }
++#endif
+ 
+ static struct block *
+ gen_port(int port, int ip_proto, int dir)
+@@ -1560,7 +1878,7 @@
  		/* NOTREACHED */
  	}
  
diff --git a/sysutils/pftop/patches/patch-al b/sysutils/pftop/patches/patch-al
new file mode 100644
index 00000000000..c3ec89f9f98
--- /dev/null
+++ b/sysutils/pftop/patches/patch-al
@@ -0,0 +1,28 @@
+$NetBSD: patch-al,v 1.1 2011/02/09 22:51:38 rumko Exp $
+$OpenBSD: patch-cache_h,v 1.1 2008/06/13 00:38:12 canacar Exp $
+
+Patches to support PF > 4.1 taken from OpenBSD's ports.
+
+--- cache.h.orig	Tue Nov  6 23:34:18 2007
++++ cache.h	Wed Jun 11 19:50:07 2008
+@@ -31,14 +31,20 @@
+ struct sc_ent {
+         RB_ENTRY(sc_ent)    tlink;
+ 	TAILQ_ENTRY(sc_ent) qlink;
++#ifdef HAVE_PFSYNC_STATE
++	u_int32_t	    id[2];
++#else
+ 	struct pf_addr      addr[2];
++#endif
+ 	double		    peak;
+ 	double		    rate;
+ 	time_t		    t;
+ 	u_int32_t	    bytes;
++#ifndef HAVE_PFSYNC_STATE
+         u_int16_t           port[2];
+         u_int8_t            af;
+         u_int8_t            proto;
++#endif
+ };
+ 
+ int cache_init(int);