Hi,

I've come across a strange parsing issue where if you have "modulate
state" set, then "set state-defaults pflow" does not set "(pflow)".

For example, the below dummy config:

set state-defaults pflow
table <foo> {192.0.2.0/24,198.51.100.0/24}
table <bar> {203.0.113.0/24}
pass in inet proto tcp from any to any port 1
pass in inet proto {tcp,udp} from any to any port 2
pass in inet proto {tcp,udp} from <foo> to <bar> port 3
pass in inet proto tcp from any to any port 4 modulate state
pass in inet proto {tcp,udp} from any to any port 5 modulate state
pass in inet proto {tcp,udp} from <bar> to <foo> port 6 modulate state

Yields the following:

$ pfctl -nvf pf.test  | fgrep -v -e "(pflow)" -e "table <"
pass in inet proto tcp from any to any port = 4 flags S/SA modulate state
pass in inet proto tcp from any to any port = 5 flags S/SA modulate state
pass in inet proto udp from any to any port = 5
pass in inet proto tcp from <bar> to <foo> port = 6 flags S/SA modulate state
pass in inet proto udp from <bar> to <foo> port = 6
