Hello,
</snip>
> > +of uids, which match the pass rule. The
> New sentences on its own line. I'd say
>
> Note that users 1000 and 1500 are excluded from the pass rule.
>
yes, new sentence on the new line. and your wording sounds better.
> > +.Cm :
> The port paragraph marks up those operators with Sq (single quotes),
> we should be consistent here. Cm for user and group is correct, though.
fixed.
updated manpage is below.
thanks and
regards
sashan
--------8<---------------8<---------------8<------------------8<--------
diff --git a/share/man/man5/pf.conf.5 b/share/man/man5/pf.conf.5
index 452a15d1cfd..fe99dc0c726 100644
--- a/share/man/man5/pf.conf.5
+++ b/share/man/man5/pf.conf.5
@@ -820,6 +820,22 @@ connections:
block out proto tcp all
pass out proto tcp from self user { < 1000, dhartmei }
.Ed
+.Pp
+The example below specifies a range of users to open outgoing
+connections:
+.Bd -literal -offset indent
+block out proto tcp all
+pass out proto tcp from self user { 1000 >< 1500 }
+.Ed
+.Pp
+Note that users 1000 and 1500 are excluded from the pass rule.
+The
+.Sq \&:
+operator, which works for port number matching, does not work for
+.Cm user
+and
+.Cm group
+match.
.El
.Ss Translation
Translation options modify either the source or destination address and
