On Wed, Jun 15, 2011 at 09:37:25AM +0100, Stuart Henderson wrote:
>
> perhaps a small number of people, but it can be a very serious
> issue indeed. particularly for pf.conf it needs to be crystal clear.
> compare output from these two:
>
> $ cat << EOF | pfctl -nvf -
> pass out quick on lan \
> # inet proto {udp,tcp} from {10.71.38.0/24} \
> inet proto {udp,tcp} from {10.71.38.0/24, 10.71.100.0/22} \
> to port {http, https}
> EOF
>
> $ cat << EOF | pfctl -nvf -
> pass out quick on lan \
> inet proto {udp,tcp} from {10.71.38.0/24, 10.71.100.0/22} \
> to port {http, https}
> EOF
>
so i guess we're looking for a text only (i.e. no example) solution.
here is another stab.
jmc
Index: pf.conf.5
===================================================================
RCS file: /cvs/src/share/man/man5/pf.conf.5,v
retrieving revision 1.494
diff -u -r1.494 pf.conf.5
--- pf.conf.5 20 May 2011 22:57:20 -0000 1.494
+++ pf.conf.5 15 Jun 2011 09:02:10 -0000
@@ -62,9 +62,14 @@
Some example rulesets.
.El
.Pp
+The current line can be extended over multiple lines using a backslash
+.Pq Sq \e .
Comments can be put anywhere in the file using a hash mark
.Pq Sq # ,
and extend to the end of the current line.
+Take care when commenting out text which is part of a multi-line block:
+the comment takes effect until the end of the entire block.
+.Pp
Additional configuration files can be included with the
.Ic include
keyword, for example:
