From nobody Mon Jul 7 13:58:08 2025 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4bbQmx042Vz61n1h; Mon, 07 Jul 2025 13:58:09 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4bbQmw60YSz3PWp; Mon, 07 Jul 2025 13:58:08 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1751896688; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=IW85R7R4IQ7NLt+jpHQ+W2lAh3beBaczb7U6MAfU1Fw=; b=tbdYy4i/X4SWw3srIvB4scjoQyi/Xjt2vQVjV2AnGMRJrF/t7EKkwhXOAXJg+5NAOkSeDu buvRztjR3sUiULhccG+yHUTd7n6xkA4LSjwpFPa7fpZzpgbcxjARvB4hX3phl8qj7cY4p3 QfuNFDr0Jiamjzjw8PcV9Gu+lyW3be+ZqfqP6H/T/P5UlEWH/vRKeVvL3RHRRRkueFYRqM 9d3JIs5gKfgQ8KkSjXBuFSiOuJxxZTJMeb2d7GaUNCMoHwun2lzDNMCGg14FobC9Tq+oA4 pFrdt6GfB7kt/LUiWkhTeRsPd00iwvUwLdUUB4z+e5ROnwXN63fYTH9Kgv3QTQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1751896688; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=IW85R7R4IQ7NLt+jpHQ+W2lAh3beBaczb7U6MAfU1Fw=; b=tkjqislcjVdnADe04dqCgzspa6fhmGjVoX+5KaBl3Ldn/d2euKLRp514tERKgRPbdluNnl dK/9F62s72Lg3CfB2aLj8oqERhdJIuAyyGP/rTipD8xmKxZdfd6D1IjGp9d2T+ngCH5sza 95W9tNGi6KPmQrH/IqFaPVTY1fU+WQHtvfFayK5Ufx7B3ydxFO+oJQ2LXvJePzAjUCmTOE vAymS/AFsSeiTAGz9LoWDJ6TFHS3kRo4+cqQNbhSV3teGMb5VwAZBVnCpb1zx+RpFIvqZo K96Vg4qDFq1fYxcYCcz6jZ51Aa+rYgq9r2HOdflQizfPTVhYTyr4K/C3uD72SA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1751896688; a=rsa-sha256; cv=none; b=WlZZSgenZQ301AGdzerFIcy3mjC01Nx4hOv9Eoo/fYts/Z6En+f7aJQmwJu+12v6stBxkS 20qTlVewv54OIGe5ItJoAUo7ACyaLWJnwqtqvTouVlQ7OveyfwXlQD2VZHoFA+vyAZBPh9 jEiYTznf7vIouNbXQShusW84iaY1Dr3DsvDBj2yqSpCmx9WLIK3TJIKEFxMx3RfQmUAHyC hy0BkXvm+FbNMYX19alx+SqKqT/z+8pTgfzJxvIeiwQuZ9Nh1KcK9Vc80vAju/z+Ji+1gy BWVbAms3O0KdRQS84aqS6lwQEoILLGUZVZBFIMPnHpJRXAc2gJ/PJVEqRU5H4Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4bbQmw5YGGztVd; Mon, 07 Jul 2025 13:58:08 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 567Dw8E3083826; Mon, 7 Jul 2025 13:58:08 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 567Dw8DY083824; Mon, 7 Jul 2025 13:58:08 GMT (envelope-from git) Date: Mon, 7 Jul 2025 13:58:08 GMT Message-Id: <202507071358.567Dw8DY083824@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Warner Losh Subject: git: 0077daf9cdc4 - stable/14 - pf.conf.5: additional quoting for ranges in lists List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: imp X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 0077daf9cdc45cf36e7cc2ca3b65252194221400 Auto-Submitted: auto-generated The branch stable/14 has been updated by imp: URL: https://cgit.FreeBSD.org/src/commit/?id=0077daf9cdc45cf36e7cc2ca3b65252194221400 commit 0077daf9cdc45cf36e7cc2ca3b65252194221400 Author: Quentin Thébault AuthorDate: 2024-11-07 06:13:05 +0000 Commit: Warner Losh CommitDate: 2025-07-07 13:57:01 +0000 pf.conf.5: additional quoting for ranges in lists When defining network address ranges in macros that will later be used as items in list macro, these ranges must be quoted with additiona simple quotes. For instance, the following does not work and is rejected as a syntax error: usr = "192.168.1.0/24" srv = "192.168.2.10 - 192.168.29" nat_ranges = "{" $usr $srv "}" Defining ranges as the following instead will work: usr = "'192.168.1.0/24'" srv = "'192.168.2.10 - 192.168.29'" MFC after: 3 days Reviewed by: imp, ziaee Pull Request: https://github.com/freebsd/freebsd-src/pull/1516 (cherry picked from commit 54f278caf37f9ab578ee58fc70c7b66446ea7e84) --- share/man/man5/pf.conf.5 | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/share/man/man5/pf.conf.5 b/share/man/man5/pf.conf.5 index 0b73ba6b5e02..697711a8306c 100644 --- a/share/man/man5/pf.conf.5 +++ b/share/man/man5/pf.conf.5 @@ -100,6 +100,8 @@ Macro names may not be reserved words (for example .Ar in , .Ar out ) . Macros are not expanded inside quotes. +Ranges of network addresses used in macros that will be expanded in lists +later on must be quoted with additional simple quotes. .Pp For example, .Bd -literal -offset indent @@ -107,6 +109,11 @@ ext_if = \&"kue0\&" all_ifs = \&"{\&" $ext_if lo0 \&"}\&" pass out on $ext_if from any to any pass in on $ext_if proto tcp from any to any port 25 + +usr_lan_range = "'192.0.2.0/24'" +srv_lan_range = "'198.51.100.0 - 198.51.100.255'" +nat_ranges = \&"{\&" $usr_lan_range $srv_lan_range \&"}\&" +nat on $ext_if from $nat_ranges to any -> ($ext_if) .Ed .Sh TABLES Tables are named structures which can hold a collection of addresses and