On Wed, Feb 12, 2014 at 9:18 PM, Scott Vanderbilt <li...@datagenic.com> wrote:
> I am at my wits' end trying to figure out why I keep getting syntax errors
> when loading the pf ruleset below. The rules worked fine until I started to
> add altq rules, in anticipation of adding VOIP service to the local network.
> I am following the example in Peter Hansteen's tutorial [1] and his Book of
> PF, more or less.
>
> When checking the rule set, pfctl issues syntax errors on the two lines
> which define my child queues (indented in ruleset below), and I am at a loss
> to figure what it finds objectionable.
WHY DIDN'T YOU QUOTE THE ERROR OUTPUT?
> This is running OpenBSD 5.5-beta on i386 (Jan. 22 snapshot). The hardware is
> a Soekris 6501.
So you're saying you're running -current, but haven't read
http://www.openbsd.org/faq/current.html#20131012
?
Note: the 'queue' keyword should only be changed where it starts a
line and not in the middle of the altq line...though you'll want to
read pf.conf(5) and replace the altq line Real Soon Now...
For those following along at home, here's how I did this:
1) copy provided pf.conf lines into a file /tmp/f
2) since the error message wasn't quoted by the original poster (HINT
HINT HINT),
run "pfctl -f /tmp/f -nv" to see if more info was present that the
poster left out
3) hmm, darn. Add a blank line and rerun to verify it moves with the
'queue' line.
4) man pf.conf, search for 'queue'. scan some hits; search for 'altq'
and get *no* hits. wait, what?
5) read current.html and search for 'altq'
(No, really, those were the steps I performed.)
Philip Guenther
