def _get_rules(self, path, dev, clear):
"""Recursively retrieve rules from the specified ruleset."""
if path.endswith("/*"):
path = path[:-2]
pr = pfioc_rule(anchor=path)
if clear:
pr.action = PF_GET_CLR_CNTR
pr.rule.action = PF_PASS
ioctl(dev, DIOCGETRULES, pr)
tables = list(self.get_tables(PFTable(anchor=path)))
rules = []
for nr in range(pr.nr):
pr.nr = nr
ioctl(dev, DIOCGETRULE, pr)
if pr.anchor_call:
path = os.path.join(pr.anchor, pr.anchor_call)
rs = PFRuleset(pr.anchor_call, pr.rule)
rs.append(*self._get_rules(path, dev, clear))
rules.append(rs)
else:
rules.append(PFRule(pr.rule))
return tables + rules
def _get_rules(self, path, dev, clear):
"""Recursively retrieve rules from the specified ruleset."""
if path.endswith("/*"):
path = path[:-2]
pr = pfioc_rule(anchor=path)
if clear:
pr.action = PF_GET_CLR_CNTR
pr.rule.action = PF_PASS
ioctl(dev, DIOCGETRULES, pr)
tables = list(self.get_tables(PFTable(anchor=path)))
rules = []
for nr in range(pr.nr):
pr.nr = nr
ioctl(dev, DIOCGETRULE, pr)
if pr.anchor_call:
path = os.path.join(pr.anchor, pr.anchor_call)
rs = PFRuleset(pr.anchor_call, pr.rule)
rs.append(*self._get_rules(path, dev, clear))
rules.append(rs)
else:
rules.append(PFRule(pr.rule))
return tables + rules
def get_ruleset(self, path="", clear=False):
"""Return a PFRuleset object containing the active ruleset.
'path' is the path of the anchor to retrieve rules from. If 'clear' is
True, per-rule statistics will be cleared.
"""
rs = PFRuleset(os.path.basename(path))
with open(self.dev, 'r') as d:
rs.append(*self._get_rules(path, d, clear))
return rs
def get_ruleset(self, path="", clear=False, **kw):
"""Return a PFRuleset object containing the active ruleset.
'path' is the path of the anchor to retrieve rules from. If 'clear' is
True, per-rule statistics will be cleared. Keyword arguments can be
passed for returning only matching rules.
"""
rs = PFRuleset(os.path.basename(path))
with open(self.dev, 'r') as d:
for rule in self._get_rules(path, d, clear):
if isinstance(rule, PFRule):
if not all((getattr(rule, attr) == value)
for (attr, value) in kw.iteritems()):
continue
rs.append(rule)
return rs
def get_ruleset(self, path="", clear=False, **kw):
"""Return a PFRuleset object containing the active ruleset.
'path' is the path of the anchor to retrieve rules from. If 'clear' is
True, per-rule statistics will be cleared. Keyword arguments can be
passed for returning only matching rules.
"""
rs = PFRuleset(os.path.basename(path))
with open(self.dev, 'r') as d:
for rule in self._get_rules(path, d, clear):
if isinstance(rule, PFRule):
if not all((getattr(rule, attr) == value)
for (attr, value) in kw.iteritems()):
continue
rs.append(rule)
return rs
def clear_rules(self, path=""):
"""Clear all rules contained in the anchor 'path'."""
self.load_ruleset(PFRuleset(), path, PF_TRANS_RULESET)
