/*
 * pfanchordrill
 *
 * part of pfSense (https://www.pfsense.org)
 * Copyright (c) 2016 Rubicon Communications, LLC (Netgate)
 * All rights reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
/* Recursively check anchors for rules/nat and also for anchors inside anchors (like those used by relayd) */
function anchor_recurse($name = '') {
	$anchor_list = "";
	if ($name) {
		$name = ' -a ' . escapeshellarg($name);
	}
	exec("/sbin/pfctl -sA{$name} 2>&1", $anchor_list);
	foreach ($anchor_list as $anchor) {
		$anchor = trim($anchor);
		echo "\n{$anchor} rules/nat contents:\n";
		system("/sbin/pfctl -a " . escapeshellarg($anchor) . " -sn");
		system("/sbin/pfctl -a " . escapeshellarg($anchor) . " -sr");
		anchor_recurse($anchor);
	}
}

/* Start with a the root list of anchors */
anchor_recurse();