pfctl 0.7.0

Library for interfacing with the Packet Filter (PF) firewall on macOS
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103

// Copyright 2025 Mullvad VPN AB.
//
// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
// http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
// option. This file may not be copied, modified, or distributed
// except according to those terms.

use super::{AddrFamily, Ip, Port};
use crate::{
    conversion::{CopyTo, TryCopyTo},
    ffi,
};
use std::net::{IpAddr, Ipv4Addr, Ipv6Addr, SocketAddr, SocketAddrV4, SocketAddrV6};

#[derive(Debug, Clone, Copy, PartialEq, Eq, Hash, Default)]
pub struct Endpoint {
    ip: Ip,
    port: Port,
}

impl Endpoint {
    pub fn new<IP: Into<Ip>, PORT: Into<Port>>(ip: IP, port: PORT) -> Self {
        Endpoint {
            ip: ip.into(),
            port: port.into(),
        }
    }

    pub fn ip(&self) -> Ip {
        self.ip
    }

    pub fn port(&self) -> Port {
        self.port
    }

    pub fn get_af(&self) -> AddrFamily {
        self.ip.get_af()
    }
}

impl From<Ip> for Endpoint {
    fn from(ip: Ip) -> Self {
        Endpoint::new(ip, Port::default())
    }
}

impl From<Port> for Endpoint {
    fn from(port: Port) -> Self {
        Endpoint::new(Ip::default(), port)
    }
}

impl From<Ipv4Addr> for Endpoint {
    fn from(ip: Ipv4Addr) -> Self {
        Self::from(Ip::from(ip))
    }
}

impl From<Ipv6Addr> for Endpoint {
    fn from(ip: Ipv6Addr) -> Self {
        Self::from(Ip::from(ip))
    }
}

impl From<IpAddr> for Endpoint {
    fn from(ip: IpAddr) -> Self {
        Self::from(Ip::from(ip))
    }
}

impl From<SocketAddrV4> for Endpoint {
    fn from(socket_addr: SocketAddrV4) -> Self {
        Endpoint::new(Ip::from(*socket_addr.ip()), Port::from(socket_addr.port()))
    }
}

impl From<SocketAddrV6> for Endpoint {
    fn from(socket_addr: SocketAddrV6) -> Self {
        Endpoint::new(Ip::from(*socket_addr.ip()), Port::from(socket_addr.port()))
    }
}

impl From<SocketAddr> for Endpoint {
    fn from(socket_addr: SocketAddr) -> Self {
        match socket_addr {
            SocketAddr::V4(addr) => Endpoint::from(addr),
            SocketAddr::V6(addr) => Endpoint::from(addr),
        }
    }
}

impl TryCopyTo<ffi::pfvar::pf_rule_addr> for Endpoint {
    type Error = crate::Error;

    fn try_copy_to(&self, pf_rule_addr: &mut ffi::pfvar::pf_rule_addr) -> crate::Result<()> {
        self.ip.copy_to(&mut pf_rule_addr.addr);
        self.port
            .try_copy_to(unsafe { &mut pf_rule_addr.xport.range })?;
        Ok(())
    }
}