From owner-freebsd-pf@FreeBSD.ORG Mon Aug 21 23:12:21 2006 Return-Path: X-Original-To: freebsd-pf@freebsd.org Delivered-To: freebsd-pf@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6E50C16A4E7 for ; Mon, 21 Aug 2006 23:12:21 +0000 (UTC) (envelope-from mime@traveller.cz) Received: from ss.eunet.cz (ss.eunet.cz [193.85.228.13]) by mx1.FreeBSD.org (Postfix) with ESMTP id A4A1F43D45 for ; Mon, 21 Aug 2006 23:12:20 +0000 (GMT) (envelope-from mime@traveller.cz) Received: from localhost.i.cz (ss.eunet.cz [193.85.228.13]) by ss.eunet.cz (8.13.6/8.13.6) with ESMTP id k7LNC8uL039012 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NO); Tue, 22 Aug 2006 01:12:13 +0200 (CEST) (envelope-from mime@traveller.cz) From: Michal Mertl To: beno In-Reply-To: <44EA0D2F.2020200@2012.vi> References: <44E9C775.5060009@2012.vi> <55e8a96c0608211010q35b64221sad299c67f8ebb888@mail.gmail.com> <44E9EE39.3050404@2012.vi> <200608211943.12721.max@love2party.net> <44EA0D2F.2020200@2012.vi> Content-Type: text/plain Date: Tue, 22 Aug 2006 01:11:45 +0200 Message-Id: <1156201905.1294.5.camel@genius.i.cz> Mime-Version: 1.0 X-Mailer: Evolution 2.6.3 FreeBSD GNOME Team Port Content-Transfer-Encoding: 7bit Cc: freebsd-pf@freebsd.org Subject: Re: Never Ask Questions On A Friday Afternoon X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Aug 2006 23:12:21 -0000 beno wrote: > Max Laier wrote: > > printf 'list="{ 10/8, 192.168.0/24 }"\npass from $list to any\n' | > > pfctl -nvf- > > > > list = "{ 10/8, 192.168.0/24 }" > > pass inet from 10.0.0.0/8 to any > > pass inet from 192.168.0.0/24 to any > > > I'm sure I misunderstand. Here is *my* code: > > shinjiru_ip_addresses="202.71.102.114 202.71.100.126 202.71.106.30 > 202.71.106.118 202.71.106.188 203.142.1.8" > directv_ip_addresses="{ 69.19.0.0/17 }" > shadday_ip_addresses="" > ssh_ip_addresses="{" $shinjiru_ip_addresses $directv_ip_addresses > $shadday_ip_addresses "}" > > The parser throws an error on the last line because it won't render > $directv_ip_addresses > Now, I could do something really ugly like this: > > ssh_ip_addresses="202.71.102.114 202.71.100.126 202.71.106.30 > 202.71.106.118 202.71.106.188 203.142.1.8 69.19.0.0/17 " > > and just say the hell with it, but I'd like to write elegant code... > TIA, > beno This (whole config file to pass info pfctl -f) works: -- directv_ip_addresses="69.19.0.0/17" sh_ip_addresses="{ $directv_ip_addresses }" -- and this doesn't: -- directv_ip_addresses="69.19.0.0/17" sh_ip_addresses="{" $directv_ip_addresses "}" -- This is exactly the kind of problem which drives me crazy but we probably have to accept the way a particular parser works. For the record - the parser, which I had similar "stupid" issues with, was from a different product. HTH Michal