Re: issue with pf syntax parser

2015-09-09 Thread Raul Miller
On Wed, Sep 9, 2015 at 4:21 AM, Joseph A Borg wrote: > so you can have something like this, which is confusing to me but it might be > readable to somebody else: > > passin on $DMZ_if > \ > inet proto { >

Re: issue with pf syntax parser

2015-09-09 Thread Joseph A Borg
just tested this. how nice. makes the configuration file infinitely more readable without having to hassle over extra whitespace (which is not meaningful). just for the record, it seems, in lists, the parser treats newline as a space so you can have something like this, which is confusing to m

Re: issue with pf syntax parser

2015-09-05 Thread Benny Lofgren
On 2015-09-04 14:30, Joseph A Borg wrote: > I have something like this in pf.conf: > > services = "{ > ssh, > \ >

Re: issue with pf syntax parser

2015-09-04 Thread Otto Moerbeek
On Fri, Sep 04, 2015 at 07:43:35PM +0200, Joseph A Borg wrote: > this is all very fascinating. Is it possible to contemplate a pre-filter that > chomps out trailing whitespace and comments? Would this overly complicate the > parsing process and introduce security issues? Nah... you'll lose all

Re: issue with pf syntax parser

2015-09-04 Thread frcc
On Fri, Sep 04, 2015 at 05:49:34PM -0600, Theo de Raadt wrote: > > > --- /usr/share/man/man5/pf.conf.5 Wed Mar 5 16:22:58 2014 > > > +++ var1/man5/pf.conf.5 Thu Sep 3 16:19:21 2015 > > > @@ -63,7 +63,7 @@ A method for detecting a host's operating system. > > > Some example rulesets. > > >

Re: issue with pf syntax parser

2015-09-04 Thread Theo de Raadt
> > --- /usr/share/man/man5/pf.conf.5 Wed Mar 5 16:22:58 2014 > > +++ var1/man5/pf.conf.5 Thu Sep 3 16:19:21 2015 > > @@ -63,7 +63,7 @@ A method for detecting a host's operating system. > > Some example rulesets. > > .El > > .Pp > > -The current line can be extended over multiple line

Re: issue with pf syntax parser

2015-09-04 Thread Edgar Pettijohn
On 09/04/15 09:26, Raul Miller wrote: As a general rule, whenever a syntax error is not obvious, the real error happened before that point... But looking at my copy of `man pf.conf`, I don't see any mention of backslash in the section on Grammar. The only sentence using the word backslash is th

Re: issue with pf syntax parser

2015-09-04 Thread Alexander Hall
On 09/04/15 19:43, Joseph A Borg wrote: > this is all very fascinating. Is it possible to contemplate a pre-filter that > chomps out trailing whitespace and comments? Would this overly complicate the > parsing process and introduce security issues? Backslash at end of line meaning join with next

Re: issue with pf syntax parser

2015-09-04 Thread Raul Miller
On Fri, Sep 4, 2015 at 1:43 PM, Joseph A Borg wrote: > I’m asking because this might improve readability, usability and security for > less gifted users like me… Or it might not? Seriously, how could we even tell the difference? I mean, I get as frustrated as anyone when I'm trying to read doc

Re: issue with pf syntax parser

2015-09-04 Thread Joseph A Borg
this is all very fascinating. Is it possible to contemplate a pre-filter that chomps out trailing whitespace and comments? Would this overly complicate the parsing process and introduce security issues? I’m asking because this might improve readability, usability and security for less gifted us

Re: issue with pf syntax parser

2015-09-04 Thread Otto Moerbeek
On Fri, Sep 04, 2015 at 05:51:54PM +0300, Kimmo Paasiala wrote: > On Fri, Sep 4, 2015 at 4:02 PM, Joseph A Borg wrote: > > maybe the syntax error should point to the line where there are extra > > characters after the escape? > > > > > > That would require making the backslash a lexical token i

Re: issue with pf syntax parser

2015-09-04 Thread Kimmo Paasiala
On Fri, Sep 4, 2015 at 4:02 PM, Joseph A Borg wrote: > maybe the syntax error should point to the line where there are extra > characters after the escape? > > That would require making the backslash a lexical token in the pf.conf(5) syntax. Now it's just a simple escape character that gets eate

Re: issue with pf syntax parser

2015-09-04 Thread Raul Miller
As a general rule, whenever a syntax error is not obvious, the real error happened before that point... But looking at my copy of `man pf.conf`, I don't see any mention of backslash in the section on Grammar. The only sentence using the word backslash is the one at the beginning which states "The

Re: issue with pf syntax parser

2015-09-04 Thread Joseph A Borg
maybe the syntax error should point to the line where there are extra characters after the escape? > On 04 Sep 2015, at 14:53, Peter Hessler wrote: > > Backslash says "ignore the following character". You are using it to > ignore the newline. > > If you ignore the space instead, the newline

Re: issue with pf syntax parser

2015-09-04 Thread Joseph A Borg
ok got it. Treat it as an escape character. At least a note somewhere might help the nincompoops like me. is it possible to make it more resilient though? maybe use a different escape character that would ignore all trailing whitespace? heck! having a comment after the escape would be great for

Re: issue with pf syntax parser

2015-09-04 Thread Peter Hessler
Backslash says "ignore the following character". You are using it to ignore the newline. If you ignore the space instead, the newline then matters. This is not a bug, this is 100% by design. You'll need to ensure there are no trailing spaces after a backslash (and we do recommend removing trail

issue with pf syntax parser

2015-09-04 Thread Joseph A Borg
I have something like this in pf.conf: services= "{ ssh, \ http, https, 8000, 8080, 8088,