From owner-freebsd-pf@FreeBSD.ORG Fri Aug 18 18:42:17 2006 Return-Path: X-Original-To: freebsd-pf@freebsd.org Delivered-To: freebsd-pf@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9030816A4DA for ; Fri, 18 Aug 2006 18:42:17 +0000 (UTC) (envelope-from purabachata@yahoo.com) Received: from web33911.mail.mud.yahoo.com (web33911.mail.mud.yahoo.com [209.191.69.189]) by mx1.FreeBSD.org (Postfix) with SMTP id 665EB43D69 for ; Fri, 18 Aug 2006 18:42:16 +0000 (GMT) (envelope-from purabachata@yahoo.com) Received: (qmail 17551 invoked by uid 60001); 18 Aug 2006 18:42:12 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Received:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=zmFrL3hgrHJGb1lWPPCR6DI58Ey/zl8ez8iDcaVt0er3tqf3lQw2tCtAYaQAtlwSodtFqhdxmML3fiDGCxbBSuti382sdBgxWcYXB3w4UYlr3DlvdJ1YoJgrGpdt2chhAM/HRM16lOJFwjL3NP2iTQX5VtuC+pDVQOLz7E/u1C8= ; Message-ID: <20060818184212.17549.qmail@web33911.mail.mud.yahoo.com> Received: from [200.88.97.251] by web33911.mail.mud.yahoo.com via HTTP; Fri, 18 Aug 2006 11:42:12 PDT Date: Fri, 18 Aug 2006 11:42:12 -0700 (PDT) From: beno - To: freebsd-pf@freebsd.org In-Reply-To: <200608182026.19006.max@love2party.net> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Re: Syntax Error X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Aug 2006 18:42:17 -0000 33 Max Laier wrote:> > 5. http_ports="80 8080 7080" > > 6. ssh_ports="22" > > 7. ftp_ports="21 8021 7021" > > 8. smtp_ports="25" > > 9. pop3_ports="110" > > 10. https_ports="443" > > 11. imap_ssl_ports="993 143" > > 12. squid_ports="3128" > > 13. mysql_ports="3306" > > 14. email_ports="{" $smtp_ports $pop3_ports "}" > > 15. all_http_ports="{" $http_ports $https_ports "}" > > 16. tcp_ports= "{" $ssh_ports $ftp_ports $all_http_ports > > $imap_ssl_ports "}" > > I don't think you can put a list inside of another list. You most certainly can nest lists. It works in several examples above. For some reason--and I would like to know that reason--it doesn't work in line #16. Please help. That's a well-known problem in the pfctl-parser. Patches have been proposed but never made it to the tree - afaik. Look in the archives of this and the original ML for reasons and detailed discussion. In other words, using CIDR blocks in nested lists doesn't work? I'll research that. I hope there's a work-around! Thanks, beno --------------------------------- Stay in the know. Pulse on the new Yahoo.com. Check it out.