(self, anchor, includes, port, dnsport, nslist, family)
| 279 | super(OpenBsd, self).add_anchors(anchor) |
| 280 | |
| 281 | def add_rules(self, anchor, includes, port, dnsport, nslist, family): |
| 282 | inet_version = self._inet_version(family) |
| 283 | lo_addr = self._lo_addr(family) |
| 284 | |
| 285 | tables = [] |
| 286 | translating_rules = [ |
| 287 | b'pass in on lo0 %s proto tcp to %s ' |
| 288 | b'divert-to %s port %r' % (inet_version, subnet, lo_addr, port) |
| 289 | for exclude, subnet in includes if not exclude |
| 290 | ] |
| 291 | filtering_rules = [ |
| 292 | b'pass out %s proto tcp to %s ' |
| 293 | b'route-to lo0 keep state' % (inet_version, subnet) |
| 294 | if not exclude else |
| 295 | b'pass out %s proto tcp to %s' % (inet_version, subnet) |
| 296 | for exclude, subnet in includes |
| 297 | ] |
| 298 | |
| 299 | if nslist: |
| 300 | tables.append( |
| 301 | b'table <dns_servers> {%s}' % |
| 302 | b','.join([ns[1].encode("ASCII") for ns in nslist])) |
| 303 | translating_rules.append( |
| 304 | b'pass in on lo0 %s proto udp to <dns_servers> port 53 ' |
| 305 | b'rdr-to %s port %r' % (inet_version, lo_addr, dnsport)) |
| 306 | filtering_rules.append( |
| 307 | b'pass out %s proto udp to <dns_servers> port 53 ' |
| 308 | b'route-to lo0 keep state' % inet_version) |
| 309 | |
| 310 | rules = b'\n'.join(tables + translating_rules + filtering_rules) \ |
| 311 | + b'\n' |
| 312 | |
| 313 | super(OpenBsd, self).add_rules(anchor, rules) |
| 314 | |
| 315 | |
| 316 | class Darwin(FreeBsd): |
nothing calls this directly
no test coverage detected