From nobody Fri Jun 13 01:21:48 2025
X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4bJM7K6BFJz5ykDD;
	Fri, 13 Jun 2025 01:21:49 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4bJM7K0NXnz3LBg;
	Fri, 13 Jun 2025 01:21:49 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1749777709;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=V4F3BKp6+kRhPMG8wLRtFxhGpDv88WEne5jdqnQdVxs=;
	b=X4NfSZihOEzxEOVoqHdyRrwrf8/dyx9oznR9l+rCy+9k+xJ2KVBqoKjk1HQDrgwxZRUaGF
	uYYtxecWdk0ppV5G45psmcQJOsY+iorB+Hprc0JNjFrwhJywQvTs8SL1n3hIANo951m/YF
	j5PiUV2V3A82zajRiDMZ59s0ovmqWuR2J759tESKdEqnLVhKk38R230Sjvcc2UtFpMHKlZ
	sTONJUSGxdMDVX53lB93kgPc5XwAv+uFltwjG/xd/UJ3yX1uwNMaOHFk+tJMqAG9jbOhzH
	OWiAAhX1EGc23RdQos/IKPyQB06srfTuyo8tqzvGXOvNCu32HVo6TqD7hI5goA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1749777709;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=V4F3BKp6+kRhPMG8wLRtFxhGpDv88WEne5jdqnQdVxs=;
	b=D+CC1CFRgro4uHh8NRQ/yIFWfLCEoKQvo4L7WtoRm6AvCRBAzKQnPdu2y0jK6nhWVMpccr
	uDFoVBCRXLQNwGt+oW49EnQ1pryUvx8NrdIhtNQmbZAQ0vIkmKI8m4pMyiVNwxDe3gmF6D
	WLGolSyrYhCUpMLxR3Gcs6i00uNz/SqMcIA8HKSR9jTwKOUD/tJOq2eMsAqP2Brbji62pH
	RU6Yynw/d0eSLcBcO3q4tXhGpj3ninqyQx8pxivz/2eNrV/SzzU/l9vTuNGg86+t7Xeju8
	KZ3QBWrkbe0pNO3t3mAxOdoRtmxMjCK/xWY7/47nNG4RgzKKyO7u+7/oH9xZbw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1749777709; a=rsa-sha256; cv=none;
	b=aCPlCFd2daSYpYGEusS4A1ChIPPwaQStt44uNp4lH5iKe4eGuWiHHzGyEVUpfjabMkXYO5
	HNlTYK9qwRlJ7qBd07Ymnj54GPFbrmOSIHZEo+FyqwN87FqntgnET1QbVMilTSiiUGCNWB
	517UfNfOMzxSQVMXEsF+J+sByu6M9qwL+zSsM0CRFcHK2I7k52HlGIl9w7CzMPik0hOZpD
	96BqAvFiNOmo0GgVkbXilzHJE6G3DRf8SoHiG3PCXjmfxMWc2Uve1hA/2RzGrxxSpcWh2i
	ztT2AI67ZgDgIc5zzlEjeoWJU8pZI9mmLlZAAXW8L7Nc4ZpB/5XxHs8TGNotWg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4bJM7J6s3lzdFp;
	Fri, 13 Jun 2025 01:21:48 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 55D1Lmms086630;
	Fri, 13 Jun 2025 01:21:48 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 55D1LmFs086627;
	Fri, 13 Jun 2025 01:21:48 GMT
	(envelope-from git)
Date: Fri, 13 Jun 2025 01:21:48 GMT
Message-Id: <202506130121.55D1LmFs086627@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-main@FreeBSD.org
From: Warner Losh <imp@FreeBSD.org>
Subject: git: 54f278caf37f - main - pf.conf.5: additional quoting
  for ranges in lists
List-Id: Commit messages for the main branch of the src repository <dev-commits-src-main.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main
List-Help: <mailto:dev-commits-src-main+help@freebsd.org>
List-Post: <mailto:dev-commits-src-main@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-main+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-main+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-main@freebsd.org
Sender: owner-dev-commits-src-main@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: imp
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 54f278caf37f9ab578ee58fc70c7b66446ea7e84
Auto-Submitted: auto-generated

The branch main has been updated by imp:

URL: https://cgit.FreeBSD.org/src/commit/?id=54f278caf37f9ab578ee58fc70c7b66446ea7e84

commit 54f278caf37f9ab578ee58fc70c7b66446ea7e84
Author:     Quentin Thébault <quentin.thebault@defenso.fr>
AuthorDate: 2024-11-07 06:13:05 +0000
Commit:     Warner Losh <imp@FreeBSD.org>
CommitDate: 2025-06-13 01:21:45 +0000

    pf.conf.5: additional quoting for ranges in lists
    
    When defining network address ranges in macros that will later be used
    as items in list macro, these ranges must be quoted with additiona
    simple quotes.
    
    For instance, the following does not work and is rejected as a syntax
    error:
    
        usr = "192.168.1.0/24"
        srv = "192.168.2.10 - 192.168.29"
        nat_ranges = "{" $usr $srv "}"
    
    Defining ranges as the following instead will work:
        usr = "'192.168.1.0/24'"
        srv = "'192.168.2.10 - 192.168.29'"
    
    MFC after: 3 days
    Reviewed by: imp, ziaee
    Pull Request: https://github.com/freebsd/freebsd-src/pull/1516
---
 share/man/man5/pf.conf.5 | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/share/man/man5/pf.conf.5 b/share/man/man5/pf.conf.5
index a9fd9e8b29e1..30d0e4ca9904 100644
--- a/share/man/man5/pf.conf.5
+++ b/share/man/man5/pf.conf.5
@@ -100,6 +100,8 @@ Macro names may not be reserved words (for example
 .Ar in ,
 .Ar out ) .
 Macros are not expanded inside quotes.
+Ranges of network addresses used in macros that will be expanded in lists
+later on must be quoted with additional simple quotes.
 .Pp
 For example,
 .Bd -literal -offset indent
@@ -107,6 +109,11 @@ ext_if = \&"kue0\&"
 all_ifs = \&"{\&" $ext_if lo0 \&"}\&"
 pass out on $ext_if from any to any
 pass in  on $ext_if proto tcp from any to any port 25
+
+usr_lan_range = "'192.0.2.0/24'"
+srv_lan_range = "'198.51.100.0 - 198.51.100.255'"
+nat_ranges = \&"{\&" $usr_lan_range $srv_lan_range \&"}\&"
+nat on $ext_if from $nat_ranges to any -> ($ext_if)
 .Ed
 .Sh TABLES
 Tables are named structures which can hold a collection of addresses and