Re: pf.conf macros

[jared r r spiegel <jrrs@ice-nine.org>]

On Sat, Sep 20, 2003 at 11:08:42PM -0400, Jason Houx wrote:
> 
> #incorrect
> int_net = "{" $net1 $net2 "}"
> 
> to
> 
> #correct
> int_net = "{ $net1, $net2 }"   - 
> 
> you need to remove the " " marks inside the { } and also add a ,

  mmm, not totally.

  OP has it right with the idea to use "{" $var "}", it's in manpage
  in the MACROS section right at the top.

  to answer the question wondering if it is the /24 or whatever, yeah, it
  seems to be the problem:

$ echo 'net1="12.12.12.0/24"\nnet2="14.14.0.0/16"\ntest="{" $net1 $net2 "}"' | pfctl -nvf-
net1 = "12.12.12.0/24"
net2 = "14.14.0.0/16"
stdin:3: syntax error
$ echo 'net1="12.12.12.0"\nnet2="14.14.0.0"\ntest="{" $net1 $net2 "}"' | pfctl -nvf-
net1 = "12.12.12.0"
net2 = "14.14.0.0"
test = "{ 12.12.12.0 14.14.0.0 }"
$ echo 'net1="12.12.12.0/24"\nnet2="14.14.0.0/16"\ntest="{ $net1 $net2 }"' | pfctl -nvf-
net1 = "12.12.12.0/24"
net2 = "14.14.0.0/16"
test = "{ $net1 $net2 }"

  commas are, from what i've found, always optional.

$ echo 'net1="12.12.12.0"\nnet2="14.14.0.0"\ntest="{" $net1, $net2 "}"' | pfctl -nvf-
net1 = "12.12.12.0"
net2 = "14.14.0.0"
stdin:3: syntax error

  i tried using tables instead of macros :

$ echo 'table <net1> { 12.12.12.0 }\ntable <net2> { 14.14.0.0 }\ntest= "{" <net1> <net2> "}"' | pfctl -nvf-
table <net1> { 12.12.12.0 }
table <net2> { 14.14.0.0 }
stdin:3: syntax error

  so that doesn't work without even the /netmask.

  however, this does work:

$ echo 'net1="12.12.12.0/24"\nnet2="14.14.0.0/16"\ntable <test> { $net1 $net2 }' | pfctl -nvf-
net1 = "12.12.12.0/24"
net2 = "14.14.0.0/16"
table <test> { 12.12.12.0/24 14.14.0.0/16 } 

  jared.

-- 

[ openbsd 3.4 GENERIC ( sept 15 ) // i386 ]