Skip to content

Commit

Permalink
Handle example errors with expect instead of error-chain
Browse files Browse the repository at this point in the history
  • Loading branch information
faern committed Jun 11, 2024
1 parent 7c49bc9 commit f5c3042
Show file tree
Hide file tree
Showing 5 changed files with 29 additions and 64 deletions.
15 changes: 4 additions & 11 deletions examples/add_anchor.rs
Original file line number Diff line number Diff line change
Expand Up @@ -6,25 +6,18 @@
// option. This file may not be copied, modified, or distributed
// except according to those terms.

#[macro_use]
extern crate error_chain;

use pfctl::PfCtl;
use std::env;

error_chain! {}
quick_main!(run);

fn run() -> Result<()> {
let mut pf = PfCtl::new().chain_err(|| "Unable to connect to PF")?;
fn main() {
let mut pf = PfCtl::new().expect("Unable to connect to PF");

for anchor_name in env::args().skip(1) {
pf.try_add_anchor(&anchor_name, pfctl::AnchorKind::Filter)
.chain_err(|| "Unable to add filter anchor")?;
.expect("Unable to add filter anchor");
pf.try_add_anchor(&anchor_name, pfctl::AnchorKind::Redirect)
.chain_err(|| "Unable to add redirect anchor")?;
.expect("Unable to add redirect anchor");

println!("Added {} as both a redirect and filter anchor", anchor_name);
}
Ok(())
}
33 changes: 13 additions & 20 deletions examples/add_rules.rs
Original file line number Diff line number Diff line change
Expand Up @@ -6,23 +6,17 @@
// option. This file may not be copied, modified, or distributed
// except according to those terms.

#[macro_use]
extern crate error_chain;

use pfctl::{ipnetwork, FilterRuleBuilder, PfCtl, RedirectRuleBuilder};
use std::net::Ipv4Addr;

error_chain! {}
quick_main!(run);

static ANCHOR_NAME: &str = "test.anchor";

fn run() -> Result<()> {
let mut pf = PfCtl::new().chain_err(|| "Unable to connect to PF")?;
fn main() {
let mut pf = PfCtl::new().expect("Unable to connect to PF");
pf.try_add_anchor(ANCHOR_NAME, pfctl::AnchorKind::Filter)
.chain_err(|| "Unable to add test filter anchor")?;
.expect("Unable to add test filter anchor");
pf.try_add_anchor(ANCHOR_NAME, pfctl::AnchorKind::Redirect)
.chain_err(|| "Unable to add test redirect anchor")?;
.expect("Unable to add test redirect anchor");

// Create the firewall rule instances
let pass_all_rule = FilterRuleBuilder::default()
Expand Down Expand Up @@ -95,26 +89,25 @@ fn run() -> Result<()> {

// Add the rules to the test anchor
pf.add_rule(ANCHOR_NAME, &pass_all_rule)
.chain_err(|| "Unable to add rule")?;
.expect("Unable to add rule");
pf.add_rule(ANCHOR_NAME, &pass_all_ipv4_quick_rule)
.chain_err(|| "Unable to add rule")?;
.expect("Unable to add rule");
pf.add_rule(ANCHOR_NAME, &pass_all_ipv6_on_utun0_rule)
.chain_err(|| "Unable to add rule")?;
.expect("Unable to add rule");
pf.add_rule(ANCHOR_NAME, &block_a_private_net_rule)
.chain_err(|| "Unable to add rule")?;
.expect("Unable to add rule");
pf.add_rule(ANCHOR_NAME, &pass_all_icmp_echo_req)
.chain_err(|| "Unable to add rule")?;
.expect("Unable to add rule");
pf.add_rule(ANCHOR_NAME, &pass_all_icmp_port_unreach)
.chain_err(|| "Unable to add rule")?;
.expect("Unable to add rule");
pf.add_rule(ANCHOR_NAME, &pass_all_icmp_timex_transit)
.chain_err(|| "Unable to add rule")?;
.expect("Unable to add rule");
pf.add_rule(ANCHOR_NAME, &pass_all_icmp_timex_reassembly)
.chain_err(|| "Unable to add rule")?;
.expect("Unable to add rule");
pf.add_redirect_rule(ANCHOR_NAME, &redirect_incoming_tcp_from_port_3000_to_4000)
.chain_err(|| "Unable to add redirect rule")?;
.expect("Unable to add redirect rule");

println!("Added a bunch of rules to the {} anchor.", ANCHOR_NAME);
println!("Run this command to remove them:");
println!("sudo pfctl -a {} -F all", ANCHOR_NAME);
Ok(())
}
13 changes: 3 additions & 10 deletions examples/enable.rs
Original file line number Diff line number Diff line change
Expand Up @@ -6,23 +6,16 @@
// option. This file may not be copied, modified, or distributed
// except according to those terms.

#[macro_use]
extern crate error_chain;

use pfctl::PfCtl;

error_chain! {}
quick_main!(run);

fn run() -> Result<()> {
fn main() {
// Create a handle to the firewall. This opens the file /dev/pf and requires root.
let mut pf = PfCtl::new().chain_err(|| "Unable to connect to PF")?;
let mut pf = PfCtl::new().expect("Unable to connect to PF");

// Try to enable the firewall. Equivalent to the CLI command "pfctl -e".
match pf.enable() {
Ok(_) => println!("Enabled PF"),
Err(pfctl::Error(pfctl::ErrorKind::StateAlreadyActive, _)) => (),
err => err.chain_err(|| "Unable to enable PF")?,
err => err.expect("Unable to enable PF"),
}
Ok(())
}
15 changes: 4 additions & 11 deletions examples/flush_rules.rs
Original file line number Diff line number Diff line change
Expand Up @@ -6,27 +6,20 @@
// option. This file may not be copied, modified, or distributed
// except according to those terms.

#[macro_use]
extern crate error_chain;

use pfctl::PfCtl;
use std::env;

error_chain! {}
quick_main!(run);

fn run() -> Result<()> {
let mut pf = PfCtl::new().chain_err(|| "Unable to connect to PF")?;
fn main() {
let mut pf = PfCtl::new().expect("Unable to connect to PF");

for anchor_name in env::args().skip(1) {
match pf.flush_rules(&anchor_name, pfctl::RulesetKind::Filter) {
Ok(_) => println!("Flushed filter rules under anchor {}", anchor_name),
err => err.chain_err(|| "Unable to flush filter rules")?,
err => err.expect("Unable to flush filter rules"),
}
match pf.flush_rules(&anchor_name, pfctl::RulesetKind::Redirect) {
Ok(_) => println!("Flushed redirect rules under anchor {}", anchor_name),
err => err.chain_err(|| "Unable to flush redirect rules")?,
err => err.expect("Unable to flush redirect rules"),
}
}
Ok(())
}
17 changes: 5 additions & 12 deletions examples/transaction.rs
Original file line number Diff line number Diff line change
Expand Up @@ -6,23 +6,17 @@
// option. This file may not be copied, modified, or distributed
// except according to those terms.

#[macro_use]
extern crate error_chain;

use pfctl::PfCtl;
use std::net::Ipv4Addr;

error_chain! {}
quick_main!(run);

static ANCHOR_NAME: &str = "test.anchor";

fn run() -> Result<()> {
let mut pf = PfCtl::new().chain_err(|| "Unable to connect to PF")?;
fn main() {
let mut pf = PfCtl::new().expect("Unable to connect to PF");
pf.try_add_anchor(ANCHOR_NAME, pfctl::AnchorKind::Filter)
.chain_err(|| "Unable to add test filter anchor")?;
.expect("Unable to add test filter anchor");
pf.try_add_anchor(ANCHOR_NAME, pfctl::AnchorKind::Redirect)
.chain_err(|| "Unable to add test redirect anchor")?;
.expect("Unable to add test redirect anchor");

// Create some firewall rules that we want to set in one atomic transaction.
let trans_rule1 = pfctl::FilterRuleBuilder::default()
Expand Down Expand Up @@ -51,10 +45,9 @@ fn run() -> Result<()> {
// Execute the transaction. This will OVERWRITE any existing rules under this anchor as it's
// a set operation, not an add operation.
pf.set_rules(ANCHOR_NAME, trans_change)
.chain_err(|| "Unable to set rules")?;
.expect("Unable to set rules");

println!("Added a bunch of rules to the {} anchor.", ANCHOR_NAME);
println!("Run this command to remove them:");
println!("sudo pfctl -a {} -F all", ANCHOR_NAME);
Ok(())
}

0 comments on commit f5c3042

Please sign in to comment.