diff options
Diffstat (limited to 'talpid-core/src')
| -rw-r--r-- | talpid-core/src/firewall/macos.rs | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/talpid-core/src/firewall/macos.rs b/talpid-core/src/firewall/macos.rs index 4057d03a05..d657c75328 100644 --- a/talpid-core/src/firewall/macos.rs +++ b/talpid-core/src/firewall/macos.rs @@ -5,6 +5,7 @@ use std::{ env, net::{IpAddr, Ipv4Addr}, }; +use subslice::SubsliceExt; use talpid_types::net; pub use pfctl::Error; @@ -551,11 +552,26 @@ impl Firewall { fn enable(&mut self) -> Result<()> { if self.pf_was_enabled.is_none() { - self.pf_was_enabled = Some(self.pf.is_enabled()?); + self.pf_was_enabled = Some(self.is_enabled()); } Ok(self.pf.try_enable()?) } + fn is_enabled(&self) -> bool { + let cmd = duct::cmd!("/sbin/pfctl", "-s", "info"); + const EXPECTED_OUTPUT: &'static [u8] = b"Status: Enabled"; + match cmd.run() { + Ok(output) => output.stdout.as_slice().find(&EXPECTED_OUTPUT).is_some(), + Err(err) => { + log::error!( + "Failed to execute pfctl, assuming pf is not enabled: {}", + err + ); + false + } + } + } + fn restore_state(&mut self) -> Result<()> { match self.pf_was_enabled.take() { Some(true) => Ok(self.pf.try_enable()?), |