On 2009-07-17, Holger Glaess <gla...@glaessixs.de> wrote: > hi > > as an result of missconfiguration i found a line > with just an "pass". > > why did not detect the pfctl syntax parser a single lonely pass ? > > is this commando first valid if they have options , parameter like > on interface from a to b ? > > > in my mind the parser have to bring at least a warning it kills all > block rule what you have. > > is this an bug ? a missing feature ?
this is totally valid syntax, we even use it in the default pf.conf.
