From owner-freebsd-ipfw@FreeBSD.ORG Thu Dec 2 19:05:46 2004 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A1B2B16A4CE for ; Thu, 2 Dec 2004 19:05:46 +0000 (GMT) Received: from lilzmailso01.liwest.at (lilzmailso01.liwest.at [212.33.55.23]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2713543D1F for ; Thu, 2 Dec 2004 19:05:46 +0000 (GMT) (envelope-from dgw@liwest.at) Received: from cm248-230.liwest.at ([81.10.248.230]) by lilzmailso01.liwest.at with esmtp (Exim 4.24) id 1CZwIE-0004iz-IF; Thu, 02 Dec 2004 20:07:06 +0100 From: Daniela To: "Reinhard Haller" , Date: Thu, 2 Dec 2004 21:13:32 +0000 User-Agent: KMail/1.5.3 References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200412022113.32652.dgw@liwest.at> Subject: Re: preprocessor questions X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: dgw@liwest.at List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Dec 2004 19:05:46 -0000 On Thursday 02 December 2004 16:03, Reinhard Haller wrote: > Hi, > > I'm using cpp as preprocessor for my firewall rules. > > I'd problems specifying macros. > > #define RULE __LINE__ > #define ldap 389 > #define ldaps 636 > #define all_ldap 389,636 > > sample1: > add RULE pass tcp from 192.168.0.0/24 to any ldap,ldaps setup > keep-state > > sample2: > add RULE pass tcp from 192.168.0.0/24 to any all_ldap setup > keep-state > > Sample 1 produces an error, while sample 2 is working. Why? Are you using IPFW 2? If no, the problem is that the preprocessor adds leading and trailing spaces to the macro expansions. In C, this doesn't matter, but IPFW doesn't like it. If you absolutely need to keep it this way, use IPFW 2. Or modify the preprocessor.