Date: Thu, 26 May 2022 16:52:57 +0300 From: Odhiambo Washington <odhiambo@gmail.com> To: Stefan Haller <stefan+freebsd@stha.de> Cc: User Questions <freebsd-questions@freebsd.org> Subject: Re: pf.conf macros not working - syntax error Message-ID: <CAAdA2WMFNx1ZBLhqCOszNuz%2BonL6TRLy_KBUvbpFEyM5cPaRHg@mail.gmail.com> In-Reply-To: <Yo%2BDTrTfypWhX4Jk@stha.de> References: <Yo92eH4XOc8tYNkn@stha.de> <CAAdA2WN1ecNZUqPYRVTDtJP5kFHn%2BvvPm07HAVMrcy8kxdD5tA@mail.gmail.com> <Yo%2BDTrTfypWhX4Jk@stha.de>
next in thread | previous in thread | raw e-mail | index | archive | help
--0000000000003ddda305dfea846c
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
On Thu, May 26, 2022 at 4:40 PM Stefan Haller <stefan+freebsd@stha.de>
wrote:
> On Thu, May 26, 2022 at 04:32:01PM +0300, Odhiambo Washington wrote:
> > Why do you need so many " " ? Can you please remove the double quotes
> > inside the braces?
> > You already quoted the foo and bar so I see no need to re-quote them
> inside
> > the braces.
> >
> > [16:24 ~ ]$ pfctl -nvf file
> > foo =3D "10.0.0.0/24"
> > bar =3D "10.1.0.0/24"
> > baz =3D "{ $foo $bar }"
>
> Unfortunately, this does not work, because inside "..." macros are not
> expanded. The macro baz literally contains the string "{ $foo $bar }".
>
> If we later use the macro baz as in
>
> > baz =3D "$foo $bar"
> > block in from $baz to any
>
> We get the syntax error (rightfully) on the block line.
>
> This is also properly documented in pf.conf(5):
>
> > MACROS
> > Macros can be defined that will later be expanded in context. Mac=
ro
> > names must start with a letter, and may contain letters, digits an=
d
> > underscores. Macro names may not be reserved words (for example
> pass,
> > in, out). Macros are not expanded inside quotes.
> >
> > For example,
> >
> > ext_if =3D "kue0"
> > all_ifs =3D "{" $ext_if lo0 "}"
> > pass out on $ext_if from any to any
> > pass in on $ext_if proto tcp from any to any port 25
>
In which case then it's a bug.
freebsd-pf@ would be the right platform to address that, I believe.
--=20
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft.", egrep -v '^$|^.*#' =C2=AF\_(=E3=83=84)_/=C2=AF :-)
--0000000000003ddda305dfea846c
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div dir=3D"ltr"><br></div><br><div class=3D"gmail_quote">=
<div dir=3D"ltr" class=3D"gmail_attr">On Thu, May 26, 2022 at 4:40 PM Stefa=
n Haller <<a href=3D"mailto:stefan%2Bfreebsd@stha.de">stefan+freebsd@sth=
a.de</a>> wrote:<br></div><blockquote class=3D"gmail_quote" style=3D"mar=
gin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1=
ex">On Thu, May 26, 2022 at 04:32:01PM +0300, Odhiambo Washington wrote:<br=
>
> Why do you need so many " " ? Can you please remove the doub=
le quotes<br>
> inside the braces?<br>
> You already quoted the foo and bar so I see no need to re-quote them i=
nside<br>
> the braces.<br>
> <br>
> [16:24 ~ ]$ pfctl -nvf file<br>
> foo =3D "<a href=3D"http://10.0.0.0/24" rel=3D"noreferrer" target=
=3D"_blank">10.0.0.0/24</a>"<br>
> bar =3D "<a href=3D"http://10.1.0.0/24" rel=3D"noreferrer" target=
=3D"_blank">10.1.0.0/24</a>"<br>
> baz =3D "{ $foo $bar }"<br>
<br>
Unfortunately, this does not work, because inside "..." macros ar=
e not<br>
expanded. The macro baz literally contains the string "{ $foo $bar }&q=
uot;.<br>
<br>
If we later use the macro baz as in<br>
<br>
> baz =3D "$foo $bar"<br>
> block in from $baz to any<br>
<br>
We get the syntax error (rightfully) on the block line.<br>
<br>
This is also properly documented in pf.conf(5):<br>
<br>
> MACROS<br>
>=C2=A0 =C2=A0 =C2=A0 Macros can be defined that will later be expanded =
in context.=C2=A0 Macro<br>
>=C2=A0 =C2=A0 =C2=A0 names must start with a letter, and may contain le=
tters, digits and<br>
>=C2=A0 =C2=A0 =C2=A0 underscores.=C2=A0 Macro names may not be reserved=
words (for example pass,<br>
>=C2=A0 =C2=A0 =C2=A0 in, out).=C2=A0 Macros are not expanded inside quo=
tes.<br>
><br>
>=C2=A0 =C2=A0 =C2=A0 For example,<br>
><br>
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 ext_if =3D "kue0"<b=
r>
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 all_ifs =3D "{" $ex=
t_if lo0 "}"<br>
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 pass out on $ext_if from any =
to any<br>
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 pass in=C2=A0 on $ext_if prot=
o tcp from any to any port 25<br>
</blockquote></div><div><br></div>In which case then it's a bug.<div><b=
r></div><div>freebsd-pf@ would be the right platform to address that, I bel=
ieve.</div><div><br></div><div><br clear=3D"all"><div><br></div>-- <br><div=
dir=3D"ltr" class=3D"gmail_signature"><div dir=3D"ltr"><div dir=3D"ltr"><d=
iv>Best regards,<br>Odhiambo WASHINGTON,<br>Nairobi,KE<br>+254 7 3200 0004/=
+254 7 2274 3223<br>"<span style=3D"font-size:12.8px">Oh, the cruft.</=
span><span style=3D"font-size:12.8px">",=C2=A0</span><span style=3D"fo=
nt-size:12.8px">egrep -v '^$|^.*#'=C2=A0</span><span style=3D"backg=
round-color:rgb(34,34,34);color:rgb(238,238,238);font-family:"Lucida C=
onsole",Consolas,"Courier New",monospace;font-size:13.6px">=
=C2=AF\_(=E3=83=84)_/=C2=AF</span><span style=3D"font-size:12.8px">=C2=A0:-=
)</span></div></div></div></div></div></div>
--0000000000003ddda305dfea846c--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAAdA2WMFNx1ZBLhqCOszNuz%2BonL6TRLy_KBUvbpFEyM5cPaRHg>