On Friday, July 16, Sebastiaan van Erk wrote:
>
> I am a very happy user of PF, so first of all, thanks for the wonderful
> software!
>
> I do have a feature request though; consider the following example from
> the man page:
>
> ips = "{ 1.2.3.4, 1.2.3.5 }"
> pass in proto tcp from any to $ips \
> port > 1023 label "$dstaddr:$dstport"
>
> I love the list feature: it allows me to use the same ruleset over
> multiple machines, doing the customization in the lists. However, if you
> happen to have an empty list:
>
> ips = "{ }"
>
> then you get a parse error. It would be very useful if this would just
> work. The expected behavior would the be that pf not generate any rules
> at all in this case (one rule for every ip in the list = 0 rules).
Use tables instead for IP addresses.
-Toby.
