pfctl 0.7.0

Library for interfacing with the Packet Filter (PF) firewall on macOS
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32

// Copyright 2025 Mullvad VPN AB.
//
// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
// http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
// option. This file may not be copied, modified, or distributed
// except according to those terms.

use pfctl::PfCtl;
use std::env;

fn main() {
    let mut pf = PfCtl::new().expect("Unable to connect to PF");

    for anchor_name in env::args().skip(1) {
        pf.flush_rules(&anchor_name, pfctl::RulesetKind::Filter)
            .expect("Unable to flush filter rules");
        println!("Flushed filter rules under anchor {anchor_name}");

        pf.flush_rules(&anchor_name, pfctl::RulesetKind::Nat)
            .expect("Unable to flush nat rules");
        println!("Flushed nat rules under anchor {anchor_name}");

        pf.flush_rules(&anchor_name, pfctl::RulesetKind::Redirect)
            .expect("Unable to flush redirect rules");
        println!("Flushed redirect rules under anchor {anchor_name}");

        pf.flush_rules(&anchor_name, pfctl::RulesetKind::Scrub)
            .expect("Unable to flush scrub rules");
        println!("Flushed scrub rules under anchor {anchor_name}");
    }
}