Date: Thu, 26 May 2022 15:40:30 +0200 From: Stefan Haller <stefan+freebsd@stha.de> To: Odhiambo Washington <odhiambo@gmail.com> Cc: User Questions <freebsd-questions@freebsd.org> Subject: Re: pf.conf macros not working - syntax error Message-ID: <Yo%2BDTrTfypWhX4Jk@stha.de> In-Reply-To: <CAAdA2WN1ecNZUqPYRVTDtJP5kFHn%2BvvPm07HAVMrcy8kxdD5tA@mail.gmail.com> References: <Yo92eH4XOc8tYNkn@stha.de> <CAAdA2WN1ecNZUqPYRVTDtJP5kFHn%2BvvPm07HAVMrcy8kxdD5tA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, May 26, 2022 at 04:32:01PM +0300, Odhiambo Washington wrote:
> Why do you need so many " " ? Can you please remove the double quotes
> inside the braces?
> You already quoted the foo and bar so I see no need to re-quote them inside
> the braces.
>
> [16:24 ~ ]$ pfctl -nvf file
> foo = "10.0.0.0/24"
> bar = "10.1.0.0/24"
> baz = "{ $foo $bar }"
Unfortunately, this does not work, because inside "..." macros are not
expanded. The macro baz literally contains the string "{ $foo $bar }".
If we later use the macro baz as in
> baz = "$foo $bar"
> block in from $baz to any
We get the syntax error (rightfully) on the block line.
This is also properly documented in pf.conf(5):
> MACROS
> Macros can be defined that will later be expanded in context. Macro
> names must start with a letter, and may contain letters, digits and
> underscores. Macro names may not be reserved words (for example pass,
> in, out). Macros are not expanded inside quotes.
>
> For example,
>
> ext_if = "kue0"
> all_ifs = "{" $ext_if lo0 "}"
> pass out on $ext_if from any to any
> pass in on $ext_if proto tcp from any to any port 25
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Yo%2BDTrTfypWhX4Jk>