Date: Wed, 27 Apr 2005 20:59:02 +0200 From: Daniel Hartmeier <daniel@benzedrine.cx> To: Greg Hennessy <Greg.Hennessy@nviz.net> Cc: freebsd-pf@freebsd.org Subject: Re: Considered BETA now [Re: New PF (OpenBSD 3.7 ***ALPHA-preview***)] Message-ID: <20050427185902.GC1264@insomnia.benzedrine.cx> In-Reply-To: <20050427185016.AB09C16@gw2.local.net> References: <200504272024.41241.max@love2party.net> <20050427185016.AB09C16@gw2.local.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Apr 27, 2005 at 07:50:16PM +0100, Greg Hennessy wrote: > ~ # pfctl -v -s Anchors -a nbt:nbt Anchors have changed significantly in 3.7. Before, there were only two levels, like "first:second". Now they can be nested arbitrarily, and the syntax is like that of files within (sub)directories, like "first/second" "first/second/third" Note that ':' is replaced by '/' now. The semantics have also changed. Before, only the second level would actually contain rules. Now every level can contain rules. There's two forms of 'calls' now, which evaluate rules in anchors, like anchor "first/second" anchor "first/*" The first form (without the '*') will only evaluate the rules within the second anchor, while the second form will evaluate all rules within any sub-anchors of first (but not rules in first itself). See the updated pf.conf(5) man page, section ANCHORS for more details. If you've been using anchors before, you'll likely have to make some changes, at least to the syntax. Daniel
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050427185902.GC1264>