Determine the state of PF firewall without modifying it

Hi.

I want to be able to determine the state of the PF firewall. So far, using pfctl, I have been able to enable and disable the pf firewall and in doing so I can see the state of the firewall. However, I would like to be able to check to see if it is running before I turn it on.

Also, I would like to be able to add rules to the PF firewall and then remove my rules without modifying the other rules.

Is such a thing possible?

I'm looking to do this from a software program. I'm thinking I would do this by invoking pfctl from my program.
 
brant said:
I want to be able to determine the state of the PF firewall. So far, using pfctl, I have been able to enable and disable the pf firewall and in doing so I can see the state of the firewall. However, I would like to be able to check to see if it is running before I turn it on.
pfctl -s info

Also, I would like to be able to add rules to the PF firewall and then remove my rules without modifying the other rules.
Is such a thing possible?
Yes, have a look at anchor in pf.conf(5).
 
You can parse the status information from the output of pfctl -s info. It's quite a clumsy way to do it, but unfortunately pfctl(8) doesn't have any options to produce machine-readable output. The output will be something like:

Code:
INFO:
Status: Disabled for 0 days 00:00:09          Debug: Urgent
 
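The two replies above give the pieces: read the firewall state from pfctl -s info (the only way, since pfctl has no machine-readable output) and keep the program's own rules in an anchor so they can be loaded and flushed without touching the rest of the ruleset. The following POSIX sh script is an added example, not code posted by anyone in this thread. It assumes /etc/pf.conf already contains a line `anchor "myapp"` where the program's rules should take effect, and that it runs as root (pfctl needs /dev/pf). The anchor name "myapp", the block rule, and the sample pfctl output embedded for offline testing are all placeholders constructed for the example.

```shell
#!/bin/sh
# Added example: query and drive PF from a program via pfctl(8).
# Assumed: /etc/pf.conf has the line  anchor "myapp"  (name is a placeholder)
# and this runs as root. Nothing here changes PF state except
# pf_ensure_enabled, app_rules_load and app_rules_unload.

ANCHOR="myapp"

# Constructed sample of `pfctl -s info` output, used for the offline demo.
SAMPLE_INFO='INFO:
Status: Enabled for 3 days 12:41:07          Debug: Urgent

State Table                          Total             Rate
  current entries                       12'

# Read `pfctl -s info` text on stdin and print "enabled", "disabled" or
# "unknown" (no Status: line, e.g. pfctl failed because pf.ko is not loaded).
# The line of interest looks like:
#   Status: Enabled for 0 days 00:00:09          Debug: Urgent
pf_state_from_info() {
    awk 'BEGIN { s = "unknown" }
         /^Status:/ { s = tolower($2); exit }
         END { print s }'
}

# Query the live firewall without modifying it.
# Exit status: 0 = enabled, 1 = disabled, 2 = cannot tell (pfctl failed).
pf_is_enabled() {
    info=$(pfctl -s info 2>/dev/null) || return 2
    case $(printf '%s\n' "$info" | pf_state_from_info) in
        enabled)  return 0 ;;
        disabled) return 1 ;;
        *)        return 2 ;;
    esac
}

# Enable PF only when it is currently disabled, so repeated runs are harmless
# (pfctl -e on an already enabled PF prints an error and exits non-zero).
pf_ensure_enabled() {
    pf_is_enabled && return 0          # already running, nothing to do
    rc=$?
    case $rc in
        1) pfctl -e ;;                 # was disabled: turn it on
        *) echo "cannot determine pf state" >&2; return 2 ;;
    esac
}

# Load this program's rules into its anchor. Only the anchor's contents are
# replaced; the main ruleset and any other anchors are left alone.
app_rules_load() {
    rules=$(mktemp) || return 1
    cat > "$rules" <<'EOF'
# placeholder rule: drop traffic from one documentation-range address
block in quick from 192.0.2.1 to any
EOF
    pfctl -a "$ANCHOR" -f "$rules"
    rc=$?
    rm -f "$rules"
    return $rc
}

# Remove this program's rules by flushing only the anchor's rules.
app_rules_unload() {
    pfctl -a "$ANCHOR" -F rules
}

# Show what is currently loaded in the anchor (read-only).
app_rules_show() {
    pfctl -a "$ANCHOR" -s rules
}

# Offline demo on the constructed sample; prints "enabled".
printf '%s\n' "$SAMPLE_INFO" | pf_state_from_info
```

On a live system the intended sequence is pf_ensure_enabled, app_rules_load, and later app_rules_unload; app_rules_show and pf_is_enabled are read-only and can be called at any time. If pfctl itself fails (for example /dev/pf is missing because pf is not loaded, or the caller is not root), the state is reported as unknown rather than guessed.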