Another Lists/Macros Question

Michal Mertl mime at traveller.cz
Wed Aug 23 07:42:22 UTC 2006


Jon Simola wrote:
> On 8/22/06, beno <zope at 2012.vi> wrote:
> > This is accepted by the pfctl compiler just fine:
> >
> > http_ports="80 8080 7080"
> > ssh_ports="22"
> > ftp_ports="21 8021 7021"
> > smtp_ports="25"
> > pop3_ports="110"
> > https_ports="443"
> > imap_ssl_ports="993 143"
> > squid_ports="3128"
> > mysql_ports="3306"
> > email_ports='"{' $smtp_ports $pop3_ports '}"'
> > all_http_ports='"{' $http_ports $https_ports '}"'
> > tcp_ports= "{" $ssh_ports $ftp_ports $all_http_ports $imap_ssl_ports "}"
> 
> Not here:
> 
> # pfctl -vvnf ./pf-beno-test
> http_ports = "80 8080 7080"
> ssh_ports = "22"
> ftp_ports = "21 8021 7021"
> smtp_ports = "25"
> pop3_ports = "110"
> https_ports = "443"
> imap_ssl_ports = "993 143"
> squid_ports = "3128"
> mysql_ports = "3306"
> email_ports = ""{ 25 110 }""
> all_http_ports = ""{ 80 8080 7080 443 }""
> tcp_ports = "{ 22 21 8021 7021 { 80 8080 7080 443 } 993 143 }"
> 
> Note the nested braces in the last line - that is your problem.

And the fix is to omit braces in definitions and use them with actual
rules.

For example this pf config file works:
----
smtp_ports = 25 465
pop3_ports = 110 995
email_ports = $smtp_ports $pop3_ports
pass in proto tcp from any to any port { $email_ports }
----

Note that no quoting is necessary here and the parser doesn't care much
about whitespace. If you run pfctl with "-v" you shall see the macro
expansion which should help in understanding the parser and finding out
errors.

Michal
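
Added example, not part of the original post and not pfctl's own code: a small Python lint that expands macro definitions in order and reports any macro whose expansion contains braces, with the nesting depth. It reproduces the nested braces Jon points out and shows that the brace-free form stays flat. The expansion model (shell-style tokenizing through `shlex`, with a referenced macro's text tokenized again) is an assumption chosen to match the `pfctl -vvnf` output quoted above; the names `expand_macros` and `brace_depths` are hypothetical.

```python
import re
import shlex

MACRO_DEF = re.compile(r"^\s*([A-Za-z_]\w*)\s*=\s*(.+)$")

def expand_macros(conf_text):
    """Expand 'name = value' lines in order; returns {name: expanded text}."""
    macros = {}
    for line in conf_text.splitlines():
        m = MACRO_DEF.match(line)
        if not m:
            continue  # rules, comments and blank lines are ignored here
        parts = []
        for tok in shlex.split(m.group(2)):
            if tok.startswith("$"):
                # Assumption: a referenced macro's text is tokenized again,
                # so one level of quoting is consumed per expansion.
                parts.extend(shlex.split(macros[tok[1:]]))
            else:
                parts.append(tok)
        macros[m.group(1)] = " ".join(parts)
    return macros

def brace_depths(conf_text):
    """Map each macro whose expansion contains braces to its deepest nesting."""
    result = {}
    for name, value in expand_macros(conf_text).items():
        depth = deepest = 0
        for ch in value:
            depth += (ch == "{") - (ch == "}")
            deepest = max(deepest, depth)
        if deepest:
            result[name] = deepest
    return result

# Macro lines taken from the thread: the quoted-brace form, then the fix.
QUOTED = """
http_ports="80 8080 7080"
ssh_ports="22"
ftp_ports="21 8021 7021"
https_ports="443"
imap_ssl_ports="993 143"
all_http_ports='"{' $http_ports $https_ports '}"'
tcp_ports= "{" $ssh_ports $ftp_ports $all_http_ports $imap_ssl_ports "}"
"""
FIXED = """
smtp_ports = 25 465
pop3_ports = 110 995
email_ports = $smtp_ports $pop3_ports
pass in proto tcp from any to any port { $email_ports }
"""
```

A depth of 2 or more marks a macro that was built from another macro already carrying its own braces, which is the case `pfctl -v` makes visible in the real parser.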



