{"id":18520573,"url":"https://github.com/mullvad/pfctl-rs","last_synced_at":"2025-04-11T22:30:06.795Z","repository":{"id":46074194,"uuid":"85469403","full_name":"mullvad/pfctl-rs","owner":"mullvad","description":"Library and CLI for interfacing with the PF firewall on macOS","archived":false,"fork":false,"pushed_at":"2025-02-14T10:44:24.000Z","size":520,"stargazers_count":74,"open_issues_count":9,"forks_count":19,"subscribers_count":10,"default_branch":"main","last_synced_at":"2025-03-13T16:44:41.550Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mullvad.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE-APACHE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-03-19T11:04:03.000Z","updated_at":"2025-02-14T10:44:25.000Z","dependencies_parsed_at":"2024-05-03T07:47:10.852Z","dependency_job_id":"357766e4-5b84-4284-9a42-918eaccfb4d5","html_url":"https://github.com/mullvad/pfctl-rs","commit_stats":{"total_commits":226,"total_committers":8,"mean_commits":28.25,"dds":0.5265486725663717,"last_synced_commit":"9caeef9ac1a4f26c516ecd35759632cda9f9ff79"},"previous_names":[],"tags_count":14,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mullvad%2Fpfctl-rs","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mullvad%2Fpfctl-rs/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mullvad%2Fpfctl-rs/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mullvad%2Fpfctl-rs/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mullvad","download_url":"https://codeload.github.com/mullvad/pfctl-rs/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247208142,"owners_count":20901570,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-06T17:21:15.245Z","updated_at":"2025-04-04T16:07:02.722Z","avatar_url":"https://github.com/mullvad.png","language":"Rust","funding_links":[],"categories":["Rust"],"sub_categories":[],"readme":"# pfctl\n\nLibrary for interfacing with the Packet Filter (PF) firewall on macOS.\n\nAllows controlling the PF firewall on macOS through ioctl syscalls and the `/dev/pf` device.\n\nReading and writing to `/dev/pf` requires root permissions. So any program using this crate\nmust run as the superuser, otherwise creating the `PfCtl` instance will fail with a\n\"Permission denied\" error.\n\n## OS Compatibility\n\nPF is the firewall used in most (all?) BSD systems, but this crate only supports the macOS\nvariant for now. If it can be made to work on more BSD systems that would be great, but no work\nhas been put into that so far.\n\n## Usage and examples\n\nA lot of examples of how to use the various features of this crate can be found in the\n[integration tests] in and [examples].\n\nHere is a simple example showing how to enable the firewall and add a packet filtering rule:\n\n```rust\nextern crate pfctl;\n\n// Create a PfCtl instance to control PF with:\nlet mut pf = pfctl::PfCtl::new().unwrap();\n\n// Enable the firewall, equivalent to the command \"pfctl -e\":\npf.try_enable().unwrap();\n\n// Add an anchor rule for packet filtering rules into PF. This will fail if it already exists,\n// use `try_add_anchor` to avoid that:\nlet anchor_name = \"testing-out-pfctl\";\npf.add_anchor(anchor_name, pfctl::AnchorKind::Filter).unwrap();\n\n// Create a packet filtering rule matching all packets on the \"lo0\" interface and allowing\n// them to pass:\nlet rule = pfctl::FilterRuleBuilder::default()\n    .action(pfctl::FilterRuleAction::Pass)\n    .interface(\"lo0\")\n    .build()\n    .unwrap();\n\n// Add the filterig rule to the anchor we just created.\npf.add_rule(anchor_name, \u0026rule).unwrap();\n```\n\n## System bindings\n\nSee comments in `generate_bindings.sh` for how to generate the Rust bindings to the system\nlibraries\n\n[integration tests]: https://github.com/mullvad/pfctl-rs/tree/master/tests\n[examples]: https://github.com/mullvad/pfctl-rs/tree/master/examples\n\nLicense: MIT/Apache-2.0\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmullvad%2Fpfctl-rs","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmullvad%2Fpfctl-rs","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmullvad%2Fpfctl-rs/lists"}