Re: using interface groups in pf tables stopped working in 13.0-RELEASE

>>> >> I can >> It looks like there’s some confusion inside pfctl about the network group. >> It ends up in pfctl_parser.c, append_addr_host(), and expects an AF_INET or >> AF_INET6, but instead gets an AF_LINK. >> >> It’s probably related to 250994 or possibly >>

Re: using interface groups in pf tables stopped working in 13.0-RELEASE

On 16 Apr 2021, at 17:58, Kristof Provost wrote: On 14 Apr 2021, at 16:16, Peter Ankerstål wrote: In pf I use the interface group syntax alot to make the configuration more readable. All interfaces are assigned to a group representing its use/vlan name. For example:

Re: using interface groups in pf tables stopped working in 13.0-RELEASE

On 14 Apr 2021, at 16:16, Peter Ankerstål wrote: In pf I use the interface group syntax alot to make the configuration more readable. All interfaces are assigned to a group representing its use/vlan name. For example: ifconfig_igb1_102="172.22.0.1/24 group iot description 'iot vlan' up"

Re: using interface groups in pf tables stopped working in 13.0-RELEASE

On 2021-04-14 11:04, Chris wrote: On 2021-04-14 10:44, Peter Ankerstål wrote: const { trusted:network mgmt:network dmz:network guest:network edmz:network \ admin:network iot:network client:network } If I reload the configuration I get the following: # pfctl -f /etc/pf.conf

Re: using interface groups in pf tables stopped working in 13.0-RELEASE

On 2021-04-14 10:44, Peter Ankerstål wrote: const { trusted:network mgmt:network dmz:network guest:network edmz:network \ admin:network iot:network client:network } If I reload the configuration I get the following: # pfctl -f /etc/pf.conf /etc/pf.conf:12: cannot create address buffer:

Re: using interface groups in pf tables stopped working in 13.0-RELEASE

const { trusted:network mgmt:network dmz:network >> guest:network edmz:network \ >>admin:network iot:network client:network } >> If I reload the configuration I get the following: >> # pfctl -f /etc/pf.conf >> /etc/pf.conf:12: cannot create address buffer: Invalid argument >> pfctl:

Re: using interface groups in pf tables stopped working in 13.0-RELEASE

On 2021-04-14 07:16, Peter Ankerstål wrote: In pf I use the interface group syntax alot to make the configuration more readable. All interfaces are assigned to a group representing its use/vlan name. For example: ifconfig_igb1_102="172.22.0.1/24 group iot description 'iot vlan' up"

Re: using interface groups in pf tables stopped working in 13.0-RELEASE

> On 14 Apr 2021, at 16:16, Peter Ankerstål wrote: > > In pf I use the interface group syntax alot to make the configuration more > readable. All interfaces are assigned to a group representing its use/vlan > name. It seems that the rest of my ruleset is also affected by this, and