In some email I received from Peter Postma, sie wrote: > On Sun, Dec 05, 2004 at 06:46:02PM +0100, uhel wrote: > > Hi, > > > > i've read that IPF 4.1.x supports simple macros but i've found no > > example. I updated my NetBSD box to 2.0 which has IPF 4.1.3 but it > > has an old manpage without macros.. > > Can anyone give me one or two examples howto use the marco thing? > > > > Here are a few examples: > > ext_if="ex0"; > lo_if="lo0"; > tcp_flags="S/SA"; > tcp_services="(22, 80, 443)"; > private_nets="(192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8)";
You can also nest them...e.g. net10="10.0.0.0/8"; private_nets="(192.168.0.0/16, 172.16.0.0/12, $net10)"; or.... ipf -nvf - net10="10.0.0.0/8"; private_nets="(192.168.0.0/16, 172.16.0.0/12, $net10)"; pass in from $private_nets to any ^D pass in from 192.168.0.0/16 to any pass in from 172.16.0.0/12 to any pass in from 10.0.0.0/8 to any Darren
