BNF Syntax of pf commands
Dave
dfeustel at mindspring.com
Mon Jul 21 17:01:55 UTC 2008
On Mon, Jul 21, 2008 at 05:40:55AM -0700, Jeremy Chadwick wrote:
>On Mon, Jul 21, 2008 at 12:38:00PM +0000, Dave wrote:
>> I'm looking for a BNF description of the PF ruleset.
>> Is that available somewhere?
>
>It's in the manpage, section GRAMMAR.
>
>http://www.freebsd.org/cgi/man.cgi?query=pf.conf&apropos=0&sektion=5&manpath=FreeBSD+7.0-stable&format=html#end
Thanks! I had just found this myself using google and noticed that the bnf is
coded up by hand instead of via yacc or bison. The reason I got interested in
this is that I saw pretty clear indications on my OpenBSD 4,3 pf firewall that
certain 'equivalent' rules (differing only the presence or absence of
'optional' syntactic sugar keywords ) in my pf.conf file did not produce
identical behavior from pf. I've started wondering about how one would
implement regression testing on pf.
More information about the freebsd-pf
mailing list