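def get_tables(self, filter=None, buf_size=10):
    """Get the list of all tables.

    'filter' is a PFTable object that allows you to specify the anchor of
    the tables to retrieve. 'buf_size' is the number of pfr_table slots
    allocated for the first request; the buffer is re-allocated and the
    request repeated when the ioctl reports a larger size.

    Return a tuple of PFTable objects containing the currently-loaded
    tables. Tables whose addresses cannot be read (get_addrs() raising
    IOError) are left out, so the result can be incomplete: do not treat
    it as an exhaustive view of the loaded tables when auditing state.
    """
    io = pfioc_table(pfrio_esize=sizeof(pfr_table))
    if filter is not None:
        io.pfrio_table = pfr_table(pfrt_anchor=filter.anchor)

    # NOTE(review): the device is opened in write mode although this method
    # only queries tables -- confirm whether a read-only open is sufficient.
    with open(self.dev, 'w') as d:
        while True:
            table_buf = (pfr_table * buf_size)()
            io.pfrio_buffer = addressof(table_buf)
            io.pfrio_size = buf_size
            ioctl(d, DIOCRGETTABLES, io)
            # pfrio_size is read back after the call; a value larger than
            # the allocation means the buffer was too small, so retry.
            if io.pfrio_size <= buf_size:
                break
            buf_size = io.pfrio_size

    tables = []
    for t in table_buf[:io.pfrio_size]:
        try:
            addrs = self.get_addrs(PFTable(t))
        except IOError:
            # Deliberate best-effort: skip tables whose addresses cannot
            # be retrieved instead of failing the whole listing.
            continue
        tables.append(PFTable(t, *addrs))

    # The docstring promises a tuple and callers wrap the result in list(),
    # so the collected tables must actually be returned.
    return tuple(tables)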
def _get_rules(self, path, dev, clear):
    """Recursively retrieve rules from the specified ruleset.

    'path' names the anchor to read; a trailing "/*" is stripped first.
    'dev' is the already-open device object the ioctl() calls are issued
    on. When 'clear' is true the request action is set to PF_GET_CLR_CNTR
    (by its name a get-and-clear-counters request, i.e. the call would
    modify kernel state rather than only read it -- confirm).

    Return a list holding the tables of the anchor followed by its rules;
    a rule that calls an anchor is returned as a PFRuleset filled with the
    result of the recursive call, any other rule as a PFRule.
    """
    anchor = path[:-2] if path.endswith("/*") else path

    pr = pfioc_rule(anchor=anchor)
    if clear:
        pr.action = PF_GET_CLR_CNTR
    pr.rule.action = PF_PASS
    ioctl(dev, DIOCGETRULES, pr)

    loaded_tables = list(self.get_tables(PFTable(anchor=anchor)))

    entries = []
    # pr.nr is read once here for the rule count, then reused below as
    # the index of the rule to fetch.
    for index in range(pr.nr):
        pr.nr = index
        ioctl(dev, DIOCGETRULE, pr)
        if not pr.anchor_call:
            entries.append(PFRule(pr.rule))
            continue
        # The rule calls another anchor: descend into it and nest the
        # result inside a ruleset object.
        child_path = os.path.join(pr.anchor, pr.anchor_call)
        nested = PFRuleset(pr.anchor_call, pr.rule)
        nested.append(*self._get_rules(child_path, dev, clear))
        entries.append(nested)

    return loaded_tables + entries