From owner-freebsd-pf@FreeBSD.ORG Wed Aug 20 18:57:40 2008 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 077AA1065672 for ; Wed, 20 Aug 2008 18:57:40 +0000 (UTC) (envelope-from nicolaskarp@freE.fr) Received: from postfix1-g20.free.fr (postfix1-g20.free.fr [212.27.60.42]) by mx1.freebsd.org (Postfix) with ESMTP id C11918FC1B for ; Wed, 20 Aug 2008 18:57:39 +0000 (UTC) (envelope-from nicolaskarp@freE.fr) Received: from smtp7-g19.free.fr (smtp7-g19.free.fr [212.27.42.64]) by postfix1-g20.free.fr (Postfix) with ESMTP id 86E5B298FF75 for ; Wed, 20 Aug 2008 20:29:39 +0200 (CEST) Received: from smtp7-g19.free.fr (localhost [127.0.0.1]) by smtp7-g19.free.fr (Postfix) with ESMTP id AA554B01B9; Wed, 20 Aug 2008 20:29:37 +0200 (CEST) Received: from [127.0.0.1] (can59-1-82-66-136-161.fbx.proxad.net [82.66.136.161]) by smtp7-g19.free.fr (Postfix) with ESMTP id 08121B018D; Wed, 20 Aug 2008 20:29:36 +0200 (CEST) Message-ID: <48AC6293.4020607@freE.fr> Date: Wed, 20 Aug 2008 20:29:39 +0200 From: Nicolas KARP User-Agent: Thunderbird 2.0.0.16 (Windows/20080708) MIME-Version: 1.0 To: Leslie Jensen References: <48AC595C.2090506@eskk.nu> In-Reply-To: <48AC595C.2090506@eskk.nu> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Cc: freebsd-pf@freebsd.org Subject: Re: A problem with variable X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Aug 2008 18:57:40 -0000 Leslie Jensen a écrit : > > I've defined a variable > > proxyport = "{ 8080 }" > > The rule > > rdr on $int_if inet proto tcp from $internal_net to any / > port $proxy_services -> $proxy port $proxyport > > gives me a "Syntax error in config file:" > > I use the same variable in another rule and it does not produce a > "Syntax error" > > pass in on $int_if inet proto tcp from $internal_net to / > $proxy port $proxyport keep state > > If I change the variable in the first rule to 8080 it works. > > Can someone shed some light on this? > > Thanks > > /Leslie > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" Hi (one more time ;) ) You can't use a list in a rdr rule : see man pf.conf anf precisely the Grammar of PF.conf rdr-rule = [ "no" ] "rdr" [ "pass" [ "log" [ "(" logopts ")" ] ] ] [ "on" ifspec ] [ af ] [ protospec ] hosts [ "tag" string ] [ "tagged" string ] [ "->" ( redirhost | "{" redirhost-list "}" ) [ *portspec* ] [ *pooltype* ] ] pooltype = ( "bitmask" | "random" | "source-hash" [ ( hex-key | string-key ) ] | "round-robin" ) [ sticky-address ] portspec = "port" ( number | name ) [ ":" ( "*" | number | name ) ]