On 2015-06-11, Jason Tubnor <ja...@tubnor.net> wrote: > As Okan stated, your 5.6 man page is still correct for 5.7. It is > only of issue when you move to 5.8-Release in November.
correct. > On 11 June 2015 at 11:51, Edgar Pettijohn III <ed...@pettijohn-web.com> wrote: >> On Jun 10, 2015, at 3:59 PM, Okan Demirmen wrote: >> >>> On Wed 2015.06.10 at 15:43 -0500, Edgar Pettijohn III wrote: >>>> I've been using spamd for a while now. I was looking through my pf.conf >>>> and noticed that I had the following rules in regards to spamd. >>>> >>>> table <spamd-white> persist >>>> table <nospamd> persist file "/etc/mail/nospamd" >>>> pass in log on egress proto tcp from any to any port smtp \ >>>> rdr-to 127.0.0.1 port spamd >>>> pass in on egress proto tcp from <nospamd> to any port smtp >>>> pass in on egress proto tcp from <spamd-white> to any port smtp >>>> pass out log on egress proto tcp to any port smtp >>>> >>>> Everything seems to work correctly, but I was thinking the rdr-to rule was >>>> wrong so I looked at spamd(8) and it shows a divert-to rule instead. When >>>> I change it to divert-to I get the following error: >>>> >>>> # pfctl -vf /etc/pf.conf >>>> >>>> /etc/pf.conf:19: address family mismatch for divert >>>> pfctl: Syntax error in config file: pf rules not loaded >>>> >>>> What should I do to fix this. Is the rdr-to rule sufficient or do I need >>>> to change it? >>> >>> Depends. 5.7 and prior used rdr-to; and -current switched to divert-to. Note that the address family mismatch error is because 5.7's pfctl parser was stricter about address families than -current. Previously it was a syntax error to specify redirecting to an IPv4 address if the other addresses on the line could match a v6 address; it was changed post-5.7 to allow the syntax (adding an implicit 'inet').
