Re: pf.conf macros not working - syntax error

On Thu, May 26, 2022 at 3:46 PM Stefan Haller <stefan+freebsd@stha.de>
wrote:

> Hi,
>
> when playing around with my pf.conf ruleset I came across the following
> oddity:
>
> If I define a macro in the following way:
>
> > foo = "10.0.0.1"
> > bar = "10.1.0.1"
> > baz = "{" $foo $bar "}"
>
> I can later use the macro $baz inside a filter rule.
>
> However, if I store subnets in my macros it does not work. This can
> easily be verify by having a file containing only the following three
> lines and using `pfctl -nvf file`:
>
> > foo = "10.0.0.0/24"
> > bar = "10.1.0.0/24"
> > baz = "{" $foo $bar "}"
>
> I get:
>
> > /tmp/test:3: syntax error
>
> According to the section "macros" in `man 5 pf.conf` the macro
> definition is totally legit. Could this be a bug in FreeBSD? Just wanted
> to ask the list if I am missing something. I tested it on 13.1-RELEASE
> and CURRENT, I always get a syntax error.
>

Why do you need so many " " ? Can you please remove the double quotes
inside the braces?
You already quoted the foo and bar so I see no need to re-quote them inside
the braces.

[16:24 ~ ]$ pfctl -nvf file
foo = "10.0.0.0/24"
bar = "10.1.0.0/24"
baz = "{ $foo $bar }"

The syntax errors go away once you change the baz = by removing unnecessary
quotes :)




-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-)