IP Address List

Bill Marquette bill.marquette at gmail.com
Sun Aug 13 14:15:33 UTC 2006


On 8/13/06, beno <zope at 2012.vi> wrote:
> Travis H. wrote:
> > Read http://catb.org/~esr/faqs/smart-questions.html
> > Then see the pf FAQ.
> > Try loading it, then displaying the rules it loaded.
> > This mlist is for questions that can't be answered by simple things
> > like that.  Actually, all mailing lists have that characteristic, save
> > perhaps those meant for novices.
> > And the specification style he used was called CIDR, another thing to
> > wikipedia.
> Travis, if I had known what a CIDR was, then I wouldn't have bothered
> with the question. Since I didn't know what a CIDR was, how can you say
> my question wasn't *smart*? How could I possibly have found the answer
> when I didn't know the question? You're being most unfair. I'm doing the
> best I can here.
> beno

That's funny considering if you read the pf.conf man page or even
tried it you wouldn't have asked the question.  The BNF syntax at the
bottom of that page is quite explicit about what is and isn't allowed.
For example, the host syntax:

     host = [ "!" ] ( address [ "/" mask-bits ] | "<" string ">" )

Sure doesn't look like it takes a range to me...but hmmm, what's that
funny mask-bits thing?  And what's the reference to CIDR addresses
here:

     from _source_ port _source_ os _source_ to _dest_ port _dest_
	   This rule applies only to packets with the specified source and
	   destination addresses and ports.

	   Addresses can be specified in CIDR notation (matching netblocks),
	   as symbolic host names or interface names, or as any of the follow-
	   ing keywords:

No, if you'd read the man page, you'd have questions that you could
have googled for, or at least had a smart question such as "what does
mask-bits mean?"  Further, _trying_ the syntax you asked about would
have given you the answer to your question on whether it works or not.

--Bill
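
Added example, not part of the message above and not pf's own code: a Python check of a string against the host production quoted from pf.conf(5), plus a conversion of an address range into the CIDR netblocks that production accepts. The function names are hypothetical, and the sketch assumes numeric IPv4/IPv6 addresses only (host names and interface names are not handled).

```python
import ipaddress
import re

# The production as quoted in the message:
#   host = [ "!" ] ( address [ "/" mask-bits ] | "<" string ">" )
HOST_RE = re.compile(
    r'^(?P<neg>!)?\s*(?:<(?P<table>[^<>\s]+)>'
    r'|(?P<addr>[^\s/<>!]+)(?:/(?P<bits>\d+))?)$'
)

def parse_host(spec):
    """Return a dict describing spec; raise ValueError if it does not fit."""
    m = HOST_RE.match(spec.strip())
    if not m:
        raise ValueError(f"not a host specification: {spec!r}")
    negated = m.group("neg") is not None
    if m.group("table"):
        return {"negated": negated, "table": m.group("table")}
    # Assumption: numeric addresses only. A range such as "a-b" is not an
    # address, so ip_address() rejects it with ValueError.
    addr = ipaddress.ip_address(m.group("addr"))
    bits = m.group("bits")
    bits = addr.max_prefixlen if bits is None else int(bits)
    if bits > addr.max_prefixlen:
        raise ValueError(f"mask-bits {bits} too large for {addr}")
    # strict=False masks off host bits, so 10.1.2.3/8 becomes 10.0.0.0/8.
    net = ipaddress.ip_network(f"{addr}/{bits}", strict=False)
    return {"negated": negated, "network": net}

def range_to_cidr(first, last):
    """Smallest list of CIDR netblocks covering first..last inclusive."""
    a, b = ipaddress.ip_address(first), ipaddress.ip_address(last)
    return [str(n) for n in ipaddress.summarize_address_range(a, b)]

if __name__ == "__main__":
    # Constructed sample inputs.
    for spec in ("!10.0.0.0/8", "<badhosts>", "192.168.1.10-192.168.1.20"):
        try:
            print(spec, "->", parse_host(spec))
        except ValueError as exc:
            print(spec, "-> rejected:", exc)
    print(range_to_cidr("192.168.1.10", "192.168.1.20"))
```
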

