diff --git a/jail2ban/__init__.py b/jail2ban/__init__.py
index da969d1..7f0adab 100644
--- a/jail2ban/__init__.py
+++ b/jail2ban/__init__.py
@@ -15,6 +15,13 @@ PAT_PORT = r'^any(?:\s+port\s+{\w+(?:,\w+)*})?$'
 PAT_PROT = r'^(?:tcp|udp)$'
 PAT_NAME = r'^[\w\-]+$'
 
+_PFCTL_TABLE_PAT = r'''\s+(?P<addr>\S+)\n
+\s+Cleared:\s+(?P<date>\S+\s+\S+\s+\d+\s+(?:\d{2}:){2}\d{2}\s+\d{4})\n
+\s+In/Block:\s+\[\s+Packets:\s+(?P<in_pckt_block>\d+)\s+Bytes:\s+(?P<in_bytes_block>\d+)\s+\]\n
+\s+In/Pass:\s+\[\s+Packets:\s+(?P<in_pckt_pass>\d+)\s+Bytes:\s+(?P<in_bytes_pass>\d+)\s+\]\n
+\s+Out/Block:\s+\[\s+Packets:\s+(?P<out_pckt_block>\d+)\s+Bytes:\s+(?P<out_bytes_block>\d+)\s+\]\n
+\s+Out/Pass:\s+\[\s+Packets:\s+(?P<out_pckt_pass>\d+)\s+Bytes:\s+(?P<out_bytes_pass>\d+)\s+\]'''
+
 
 def untaint(pattern, string):
     '''
diff --git a/jail2ban/pfctl.py b/jail2ban/pfctl.py
index d716341..8b8851c 100644
--- a/jail2ban/pfctl.py
+++ b/jail2ban/pfctl.py
@@ -7,13 +7,6 @@ from subprocess import run
 _SUDO = '/usr/local/bin/sudo'
 _PFCTL = '/sbin/pfctl'
 
-_PFCTL_TABLE_PAT = r'''\s+(?P<addr>\S+)\n
-\s+Cleared:\s+(?P<date>\S+\s+\S+\s+\d+\s+(?:\d{2}:){2}\d{2}\s+\d{4})\n
-\s+In/Block:\s+\[\s+Packets:\s+(?P<in_pckt_block>\d+)\s+Bytes:\s+(?P<in_bytes_block>\d+)\s+\]\n
-\s+In/Pass:\s+\[\s+Packets:\s+(?P<in_pckt_pass>\d+)\s+Bytes:\s+(?P<in_bytes_pass>\d+)\s+\]\n
-\s+Out/Block:\s+\[\s+Packets:\s+(?P<out_pckt_block>\d+)\s+Bytes:\s+(?P<out_bytes_block>\d+)\s+\]\n
-\s+Out/Pass:\s+\[\s+Packets:\s+(?P<out_pckt_pass>\d+)\s+Bytes:\s+(?P<out_bytes_pass>\d+)\s+\]'''
-
 def pfctl_cfg_read(anchor):
     '''
     Read pf rules stored under a certain anchor