From owner-freebsd-pf@FreeBSD.ORG  Mon Jan 14 19:30:03 2008
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
Delivered-To: freebsd-pf@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 31B7C16A417
	for <freebsd-pf@hub.freebsd.org>; Mon, 14 Jan 2008 19:30:03 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
	[IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id 1748C13C455
	for <freebsd-pf@hub.freebsd.org>; Mon, 14 Jan 2008 19:30:03 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m0EJU3QO004259
	for <freebsd-pf@freefall.freebsd.org>; Mon, 14 Jan 2008 19:30:03 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m0EJU2An004256;
	Mon, 14 Jan 2008 19:30:02 GMT (envelope-from gnats)
Date: Mon, 14 Jan 2008 19:30:02 GMT
Message-Id: <200801141930.m0EJU2An004256@freefall.freebsd.org>
To: freebsd-pf@FreeBSD.org
From: clemens fischer <ino-news@spotteswoode.dnsalias.org>
Cc: 
Subject: Re: kern/119661: [pf] "queue (someq, empy_acks)" doesn't work
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: clemens fischer <ino-news@spotteswoode.dnsalias.org>
List-Id: "Technical discussion and general questions about packet filter
	\(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Jan 2008 19:30:03 -0000

The following reply was made to PR kern/119661; it has been noted by GNATS.

From: clemens fischer <ino-news@spotteswoode.dnsalias.org>
To: bug-followup@freebsd.org, ino-news@spotteswoode.dnsalias.org
Cc:  
Subject: Re: kern/119661: [pf] "queue (someq, empy_acks)" doesn't work
Date: Mon, 14 Jan 2008 20:02:47 +0100

 as it turns out, the BNF in pf.conf(5) is wrong and the rule listing by
 "pfctl -sa" gets it wrong, too.  the former doesn't imply a particular
 order of filter options and the latter displays them in a way that
 cannot be specified as input in etc/pf.conf.
 
 to get:
 
 pass out log (all) proto tcp from any to any flags S/SA modulate state \
   label "27: outbound tcp keep state" \
   queue(interactive, tcp_ack)
 
 you must write:
 
 pass out log (all) proto tcp from any to any modulate state \
   queue (interactive, tcp_ack) \
   label "$nr: outbound $proto keep state"
 
 if you reverse the order of "queue (...)" and "label ...", the rule
 doesn't get parsed at all with no error report.
 
 
 regards, clemens