Antw: Re: preprocessor questions
reinhard.haller at interactive-net.de
Fri Dec 3 00:11:00 PST 2004
>>>> Daniela <dgw at liwest.at> 02.12.2004 22:13 >>>
>On Thursday 02 December 2004 16:03, Reinhard Haller wrote:
>> I'm using cpp as preprocessor for my firewall rules.
>> I'd problems specifying macros.
>> #define RULE __LINE__
>> #define ldap 389
>> #define ldaps 636
>> #define all_ldap 389,636
>> add RULE pass tcp from 192.168.0.0/24 to any ldap,ldaps setup
>> add RULE pass tcp from 192.168.0.0/24 to any all_ldap setup
>> Sample 1 produces an error, while sample 2 is working. Why?
>Are you using IPFW 2? If no, the problem is that the preprocessor adds
>and trailing spaces to the macro expansions. In C, this doesn't
>IPFW doesn't like it. If you absolutely need to keep it this way, use
>Or modify the preprocessor.
In fact the rule
add RULE pass tcp from 192.168.0.0/24 to any 389, 636 setup
and the rule
add RULE pass tcp from 192.168.0.0/24 to any 389 , 636 setup
for ipfw aren't identical as they should be (The second produces an
error message, caused by the blank between the number and the
This is a feature shared by IPFW1 and IPFW2 (I'm using the latter
More information about the freebsd-ipfw