Sort filters alphabetically; make it easier to add ipf.

external/bsd/blacklist/libexec/blacklistd-helper

@@ -9,11 +9,15 @@
 # $6 port
 # $7 id
 
-if [ -f /etc/pf.conf ]; then
-	pf="pf"
-elif [ -f /etc/npf.conf ]; then
-	pf="npf"
-else
+pf=
+for f in npf pf; do
+	if [ -f "/etc/$f.conf" ]; then
+		pf="$f"
+		break
+	fi
+done
+
+if [ -z "$pf" ]; then
 	echo "$0: Unsupported packet filter" 1>&2
 	exit 1
 fi
@@ -26,8 +30,8 @@ if [ -n "$6" ]; then
 	port="port $6"
 fi
 
-addr=$4
-mask=$5
+addr="$4"
+mask="$5"
 case "$4" in
 ::ffff:*.*.*.*)
 	if [ "$5" = 128 ]; then
@@ -39,34 +43,34 @@ esac
 case "$1" in
 add)
 	case "$pf" in
+	npf)
+		/sbin/npfctl rule "$2" add block in final $proto from \
+		    "$addr/$mask" to any $port
+		;;
 	pf)
 		# insert $ip/$mask into per-protocol anchored table
 		/sbin/pfctl -a "$2" -t "port$6" -T add "$addr/$mask"
 		echo "block in quick $proto from <port$6> to any $port" | \
 		    /sbin/pfctl -a "$2" -f -
 		;;
-	npf)
-		/sbin/npfctl rule $2 add block in final $proto from \
-		    $addr/$mask to any $port
-		;;
 	esac
 	;;
 rem)
 	case "$pf" in
-	pf)
-		/sbin/pfctl -a "$2" -t "port$6" -T delete "$addr/$mask"
-		;;
 	npf)
 		/sbin/npfctl rule "$2" rem-id "$7"
 		;;
+	pf)
+		/sbin/pfctl -a "$2" -t "port$6" -T delete "$addr/$mask"
+		;;
 	esac
 	;;
 flush)
 	case "$pf" in 
-	pf)
-		/sbin/pfctl -a "$2" -t "port$6" -T flush
 	npf)
 		/sbin/npfctl rule "$2" flush
+	pf)
+		/sbin/pfctl -a "$2" -t "port$6" -T flush
 	esac
 	;;
 *)