pf.conf macros not working - syntax error

Reply: Odhiambo Washington : "Re: pf.conf macros not working - syntax error"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Stefan Haller <stefan+freebsd_at_stha.de>
Date: Thu, 26 May 2022 12:45:44 UTC

Hi,

when playing around with my pf.conf ruleset I came across the following
oddity:

If I define a macro in the following way:

> foo = "10.0.0.1"
> bar = "10.1.0.1"
> baz = "{" $foo $bar "}"

I can later use the macro $baz inside a filter rule.

However, if I store subnets in my macros it does not work. This can
easily be verify by having a file containing only the following three
lines and using `pfctl -nvf file`:

> foo = "10.0.0.0/24"
> bar = "10.1.0.0/24"
> baz = "{" $foo $bar "}"

I get:

> /tmp/test:3: syntax error

According to the section "macros" in `man 5 pf.conf` the macro
definition is totally legit. Could this be a bug in FreeBSD? Just wanted
to ask the list if I am missing something. I tested it on 13.1-RELEASE
and CURRENT, I always get a syntax error.

Best regards,
Stefan Haller