Edit which pfctl command the rule_get call does

[buttersausage]

Hi there! First things first, awesome work on this one!

I would like to know if I can get the equivalent of the pfctl -vvs rules command from the faux_api call, but the call does pfctl -sr -vv instead. Is there any way I can amend this to use the option I need?

Need this because the -vvs gives a nice list with the rule number included, while -sr -vv does not. I need this so I am able to parse the rules according to its rule number in a single call. Any help would be appreciated

[buttersausage]

Upon further testing, it seems that the rule number is in the command itself, but is not returned in the curl output.

@334(0) anchor "tftp-proxy/*" all
  [ Evaluations: 7112201   Packets: 0         Bytes: 0           States: 0     ]
  [ Inserted: pid 3540 State Creations: 0     ]
@335(0) anchor "miniupnpd" all
  [ Evaluations: 7112453   Packets: 0         Bytes: 0           States: 0     ]
  [ Inserted: pid 3540 State Creations: 0     ]

vs

      {
        "rule": "anchor \"tftp-proxy/*\" all",
        "evaluations": "7010222",
        "packets": "0",
        "bytes": "0",
        "states": "0",
        "inserted": "3540",
        "statecreations": "0"
      },
      {
        "rule": "anchor \"miniupnpd\" all",
        "evaluations": "7010467",
        "packets": "0",
        "bytes": "0",
        "states": "0",
        "inserted": "3540",
        "statecreations": "0"
      }

[ndejong]

Interesting - i recall writing this statement feeling i was not getting the source-of-truth pf rule numbers correctly - i suspect i'll adjust this to return the real pf rule-number - will need to look at this closer when i have a little more time over the weekend - N On 13 Sep 2017, at 22:40, itsmeh <notifications@github.com> wrote: I need to get the equivalent of the *pfctl -vvs rules* command from the faux_api call, but the call does *pfctl -sr -vv* instead. Is there any way I can amend this to use the option I need? Need this because the *-vvs* gives a nice list with the rule number included, while *-sr -vv* does not. Any help would be appreciated — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub <#13>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AAM2KmVK75MTT4fQat0pK2I7M82LNzhZks5sh81FgaJpZM4PWC4m> .

[ndejong]

I've taken a look at the code behind this and can confirm that fauxapi is correctly parsing the pf-source-of-truth rule number, it might be entirely obvious because the array index number is the rule number

Right now, this means for you to obtain the rule number you will need to adjust your code to discover the array index number in your code.

I'll improve this in the next release to include a rule_number attribute that explicitly names the rule number to avoid any doubt.

I'll be adjusting the statecreations attribute to be more correct as well with state_creations instead

[ndejong]

Following up on this

New release (1.3) is due shortly and will add a number (as in rule number) attribute and changes statecreations to the slightly more correct state_creations

Closing