> On Fri, Jul 17, 2009 at 09:59:51AM +0200, Holger Glaess wrote: > >> hi >> >> as an result of missconfiguration i found a line >> with just an "pass". >> >> why did not detect the pfctl syntax parser a single lonely pass ? >> >> is this commando first valid if they have options , parameter like >> on interface from a to b ? >> >> >> in my mind the parser have to bring at least a warning it kills all >> block rule what you have. >> >> is this an bug ? a missing feature ? >> >> holger > > Ehh, > > please describe your problem better. Show the pf.conf. What did you > expect? What happened? Why might this be a bug? Compare what's > happening with the documentation. It might just be a misunderstanding > on your side. > > -Otto > > sorry ....... for my bad ugly english i have less practice .
i talk about from a line with just "pass" nothing else. example. ---- pf.conf ----- block in on wan all block out on wan all # correct line ex. pass in on wan from any to http-server port 80 # kills block rule in/out this is the my question. pass i hope that deescribe it better ;) holger
