Print pfctl error message when it returns non-zero.

If pfctl returns non-zero when setting up the firewall, sshuttle exits and indicates the exit status code. This patch makes it so the output of pfctl is also printed so the user can get a better idea of what caused the problem. For example: issue #491
author: Scott Kuhl <kuhl@mtu.edu> 2021-06-30 13:57:54 -0400
committer: Scott Kuhl <kuhl@mtu.edu> 2021-06-30 14:13:13 -0400
commit: d7e257642e5fbae090d0a6e287888d246753b667 (patch)
tree: 730b286fbf56d288e796f16f6db416f1631da4d3
parent: 58c264ff1c28ca2f780c86ba79ba58cd21050617 (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/sshuttle/methods/pf.py b/sshuttle/methods/pf.py
index be46be7..dd8e245 100644
--- a/sshuttle/methods/pf.py
+++ b/sshuttle/methods/pf.py
@@ -11,8 +11,8 @@ from fcntl import ioctl
 from ctypes import c_char, c_uint8, c_uint16, c_uint32, Union, Structure, \
     sizeof, addressof, memmove
 from sshuttle.firewall import subnet_weight
-from sshuttle.helpers import debug1, debug2, debug3, Fatal, family_to_string, \
-    get_env, which
+from sshuttle.helpers import log, debug1, debug2, debug3, Fatal, \
+     family_to_string, get_env, which
 from sshuttle.methods import BaseMethod
 
 
@@ -393,6 +393,10 @@ def pfctl(args, stdin=None):
                           env=get_env())
     o = p.communicate(stdin)
     if p.returncode:
+        log('%r returned %d, stdout and stderr follows: ' %
+            (argv, p.returncode))
+        log("stdout:\n%s" % o[0].decode("ascii"))
+        log("stderr:\n%s" % o[1].decode("ascii"))
         raise Fatal('%r returned %d' % (argv, p.returncode))
 
     return o
author	Scott Kuhl <kuhl@mtu.edu>	2021-06-30 13:57:54 -0400
committer	Scott Kuhl <kuhl@mtu.edu>	2021-06-30 14:13:13 -0400
commit	d7e257642e5fbae090d0a6e287888d246753b667 (patch)
tree	730b286fbf56d288e796f16f6db416f1631da4d3
parent	58c264ff1c28ca2f780c86ba79ba58cd21050617 (diff)