Date: Fri, 15 Apr 2005 10:12:21 -0500 From: Matthew Grooms <mgrooms@seton.org> To: McLone <mclone@gmail.com> Cc: freebsd-pf@freebsd.org Subject: Re: pf rule macro help ... Message-ID: <425FD9D5.90904@seton.org> In-Reply-To: <451cb30105041416324ada3f27@mail.gmail.com> References: <425DB3F8.1070101@seton.org> <451cb30105041416324ada3f27@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks for the response. I can use the macros that contain host
addresses or host names. The problem occurs when I use a '/' in a macro
and then nest it inside another macro like so ...
net1 = "192.168.1.0/24"
net2 = "192.168.2.0/24"
all_nets = "{" $net1 $net2 "}"
pass from $all_nets to any
It always causes a syntax error. The pf web page says you can nest
macros so I don't know why it errors out. If you remove the "/24"
portion of the net1 & net2 macros it works fine.
I thought it may have had something to do with the fact that I am
running an AMD64 SMP kernel. So I built an i386 UP box and tested the
same four lines above ( with and without the net mask ) and got the same
result.
I know this is a volunteer effort ( and greatly appreciated at that )
but would it be possible for someone to independently confirm what I am
seeing and for someone to tell me if this is the intended behavior.
Thanks in advance,
-Matthew
McLone wrote:
> On 4/14/05, Matthew Grooms <mgrooms@seton.org> wrote:
>
>>host1 = "192.168.1.1"
>>host2 = "192.168.1.2"
>>all_hosts = "{" $host1 $host2 "}"
>>... I always get a syntax error on the "all_nets =" line.
>
> Bugs me too. AFAIK there's no way to nest macroses.
> BTW "," isn't needed.
BTW Thanks for the tip.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?425FD9D5.90904>