On Wed, Feb 19, 2003 at 08:41:43PM +0100, Cedric Berger wrote: > Jason Dixon wrote: > > >I just finished upgrading a 3.2 -stable box to yesterday's snapshot to > >try out the new IP ID feature (where is that documented?). Anyhoo, > >there was one rule in the pf.conf that was fine in 3.2, but the snapshot > >is choking on: > > > >pass in on $ext_if proto tcp from $other_net to ($int_if)/24 flags S/SA > >modulate state > > > >I assumed it was due to the expansion "($int_if)/24", so I tried with a > >single IP, and that fixed it. What is the new syntax like for cidr > >expansion on an interface? I can't find any examples in the manpage. > > > $int_if:network probably
well, of course that works fine, and of course $int_if/24 does too, but ($int_if)/24 does _not_. did that EVER work correctly? off to check pf.c ... -- Henning Brauer, BS Web Services, http://bsws.de [EMAIL PROTECTED] - [EMAIL PROTECTED] Unix is very simple, but it takes a genius to understand the simplicity. (Dennis Ritchie)
