Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 26 May 2022 16:32:01 +0300
From:      Odhiambo Washington <odhiambo@gmail.com>
To:        Stefan Haller <stefan+freebsd@stha.de>
Cc:        User Questions <freebsd-questions@freebsd.org>
Subject:   Re: pf.conf macros not working - syntax error
Message-ID:  <CAAdA2WN1ecNZUqPYRVTDtJP5kFHn%2BvvPm07HAVMrcy8kxdD5tA@mail.gmail.com>
In-Reply-To: <Yo92eH4XOc8tYNkn@stha.de>
index | next in thread | previous in thread | raw e-mail 

[-- Attachment #1 --]
On Thu, May 26, 2022 at 3:46 PM Stefan Haller <stefan+freebsd@stha.de>
wrote:

> Hi,
>
> when playing around with my pf.conf ruleset I came across the following
> oddity:
>
> If I define a macro in the following way:
>
> > foo = "10.0.0.1"
> > bar = "10.1.0.1"
> > baz = "{" $foo $bar "}"
>
> I can later use the macro $baz inside a filter rule.
>
> However, if I store subnets in my macros it does not work. This can
> easily be verify by having a file containing only the following three
> lines and using `pfctl -nvf file`:
>
> > foo = "10.0.0.0/24"
> > bar = "10.1.0.0/24"
> > baz = "{" $foo $bar "}"
>
> I get:
>
> > /tmp/test:3: syntax error
>
> According to the section "macros" in `man 5 pf.conf` the macro
> definition is totally legit. Could this be a bug in FreeBSD? Just wanted
> to ask the list if I am missing something. I tested it on 13.1-RELEASE
> and CURRENT, I always get a syntax error.
>

Why do you need so many " " ? Can you please remove the double quotes
inside the braces?
You already quoted the foo and bar so I see no need to re-quote them inside
the braces.

[16:24 ~ ]$ pfctl -nvf file
foo = "10.0.0.0/24"
bar = "10.1.0.0/24"
baz = "{ $foo $bar }"

The syntax errors go away once you change the baz = by removing unnecessary
quotes :)




-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-)

[-- Attachment #2 --]
<div dir="ltr"><div dir="ltr"><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, May 26, 2022 at 3:46 PM Stefan Haller &lt;<a href="mailto:stefan%2Bfreebsd@stha.de">stefan+freebsd@stha.de</a>&gt; wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Hi,<br>
<br>
when playing around with my pf.conf ruleset I came across the following<br>
oddity:<br>
<br>
If I define a macro in the following way:<br>
<br>
&gt; foo = &quot;10.0.0.1&quot;<br>
&gt; bar = &quot;10.1.0.1&quot;<br>
&gt; baz = &quot;{&quot; $foo $bar &quot;}&quot;<br>
<br>
I can later use the macro $baz inside a filter rule.<br>
<br>
However, if I store subnets in my macros it does not work. This can<br>
easily be verify by having a file containing only the following three<br>
lines and using `pfctl -nvf file`:<br>
<br>
&gt; foo = &quot;<a href="http://10.0.0.0/24" rel="noreferrer" target="_blank">10.0.0.0/24</a>&quot;<br>
&gt; bar = &quot;<a href="http://10.1.0.0/24" rel="noreferrer" target="_blank">10.1.0.0/24</a>&quot;<br>
&gt; baz = &quot;{&quot; $foo $bar &quot;}&quot;<br>
<br>
I get:<br>
<br>
&gt; /tmp/test:3: syntax error<br>
<br>
According to the section &quot;macros&quot; in `man 5 pf.conf` the macro<br>
definition is totally legit. Could this be a bug in FreeBSD? Just wanted<br>
to ask the list if I am missing something. I tested it on 13.1-RELEASE<br>
and CURRENT, I always get a syntax error.<br></blockquote><div> </div><div>Why do you need so many &quot; &quot; ? Can you please remove the double quotes inside the braces?</div><div>You already quoted the foo and bar so I see no need to re-quote them inside the braces.</div><div><br></div>[16:24 ~ ]$ pfctl -nvf file<br>foo = &quot;<a href="http://10.0.0.0/24">10.0.0.0/24</a>&quot;<br>bar = &quot;<a href="http://10.1.0.0/24">10.1.0.0/24</a>&quot;<br><div>baz = &quot;{ $foo $bar }&quot;</div><div><br></div><div>The syntax errors go away once you change the baz = by removing unnecessary quotes :)</div><div><br></div><div> </div></div><br clear="all"><div><br></div>-- <br><div dir="ltr" class="gmail_signature"><div dir="ltr"><div dir="ltr"><div>Best regards,<br>Odhiambo WASHINGTON,<br>Nairobi,KE<br>+254 7 3200 0004/+254 7 2274 3223<br>&quot;<span style="font-size:12.8px">Oh, the cruft.</span><span style="font-size:12.8px">&quot;, </span><span style="font-size:12.8px">egrep -v &#39;^$|^.*#&#39; </span><span style="background-color:rgb(34,34,34);color:rgb(238,238,238);font-family:&quot;Lucida Console&quot;,Consolas,&quot;Courier New&quot;,monospace;font-size:13.6px">¯\_(ツ)_/¯</span><span style="font-size:12.8px"> :-)</span></div></div></div></div></div>
home | help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAAdA2WN1ecNZUqPYRVTDtJP5kFHn%2BvvPm07HAVMrcy8kxdD5tA>