IPv6 and IPv4 combined rules in pf.conf

From: Dirk-Willem van Gulik <dirkx_at_webweaving.org>
Date: Wed, 08 May 2024 16:57:17 UTC
For dual stack hosts; with both an IPv4 and IPv6 CIDR that they are listening to - is there a recommended way to setup pf.conf to avoid mistakes/duplication ?

To avoid duplication in constructs such as:

	# Foo app servers
	foobarserver_host4=231.17.X.Y
	foobarserver_host6=fe80::5246:…

	# Load balancers  - direct or via tun0 in post/fail-back 
	bar_net=X.Y.Z.Z # 
	bar_net6=fe80::5246:… # 
	…

	pass in on { tun0, $ext_if }  proto udp from $bar_net  to $foobarserver_host4 port 2194 keep state
	pass in on { tun0, $ext_if }  proto udp6 from bar_net6 $var to $foobarserver_host6 port 2194 keep state

Is there some recommended way of doing this in stock FreeBSD ? Or does one usually end up with some sort of macro/generate style solution ?

Dw