Date: Fri, 15 Apr 2005 10:12:21 -0500 From: Matthew Grooms <mgrooms@seton.org> To: McLone <mclone@gmail.com> Cc: freebsd-pf@freebsd.org Subject: Re: pf rule macro help ... Message-ID: <425FD9D5.90904@seton.org> In-Reply-To: <451cb30105041416324ada3f27@mail.gmail.com> References: <425DB3F8.1070101@seton.org> <451cb30105041416324ada3f27@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks for the response. I can use the macros that contain host addresses or host names. The problem occurs when I use a '/' in a macro and then nest it inside another macro like so ... net1 = "192.168.1.0/24" net2 = "192.168.2.0/24" all_nets = "{" $net1 $net2 "}" pass from $all_nets to any It always causes a syntax error. The pf web page says you can nest macros so I don't know why it errors out. If you remove the "/24" portion of the net1 & net2 macros it works fine. I thought it may have had something to do with the fact that I am running an AMD64 SMP kernel. So I built an i386 UP box and tested the same four lines above ( with and without the net mask ) and got the same result. I know this is a volunteer effort ( and greatly appreciated at that ) but would it be possible for someone to independently confirm what I am seeing and for someone to tell me if this is the intended behavior. Thanks in advance, -Matthew McLone wrote: > On 4/14/05, Matthew Grooms <mgrooms@seton.org> wrote: > >>host1 = "192.168.1.1" >>host2 = "192.168.1.2" >>all_hosts = "{" $host1 $host2 "}" >>... I always get a syntax error on the "all_nets =" line. > > Bugs me too. AFAIK there's no way to nest macroses. > BTW "," isn't needed. BTW Thanks for the tip.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?425FD9D5.90904>