How to tell if PF/Murus status from the command line?

Murus
Post Reply
RamonManuel
Posts: 9
Joined: Tue Apr 05, 2016 6:24 am

How to tell if PF/Murus status from the command line?

Post by RamonManuel » Sat Apr 09, 2016 1:03 am

Aloha,

I want to knowhow to tell if PF/Murus status from the command line. With that information I can write a script that warns me (via a notification and an email) if the Firewall is down.

Thanks,

Ramón

hany
Posts: 481
Joined: Wed Dec 10, 2014 5:20 pm

Re: How to tell if PF/Murus status from the command line?

Post by hany » Sat Apr 09, 2016 1:09 pm

If you are always in front of your Mac logged in as a user you can run the free Murus Menulet app. Notifications and email alerts are a nice idea for headless macs, we will put it in some next Menulet version.
In the mean time you can put this shell command in your script and parse its output:

Code: Select all

pfctl -si
the information you are looking for is at the very beginning of the output:

Code: Select all

MacBookPro:~ hany$ sudo pfctl -si
Password:
No ALTQ support in kernel
ALTQ related functions disabled
Status: Enabled for 0 days 00:42:48           Debug: Urgent

State Table                          Total             Rate
  current entries                       14               
  searches                          123622           48.1/s
...........................
...........................
The "Status: Enabled" string is what you are looking for.
Please take care about STDOUT and STDERR while parsing :)
I hope it helped.

Post Reply