RE: PF BNF typo?

Thu, 02 Jun 2005 15:42:32 -0700 

Hi,

cant get a grip on the anchor rules

 anchor-rule    = "anchor" string [ ( "in" | "out" ) ] [ "on" ifspec ]
                  [ af ] [ "proto" ] [ protospec ] [ hosts ]

 trans-anchors  = ( "nat-anchor" | "rdr-anchor" | "binat-anchor" ) string
                  [ "on" ifspec ] [ af ] [ "proto" ] [ protospec ] [ hosts ]

 protospec      = "proto" ( proto-name | proto-number |
                  "{" proto-list "}" ) 

the optional [ "proto" ] in the anchor rules could crash with the "proto" 
keyword in protospec....

e.g.
        ...   proto proto www   ...

is allowed according to the BNF.

And while I am at it...
..in the filteropt rule, there is probably missing a logical or
between '"tagged" string' and "queue" :

            [ ! ] "tagged" string       
            "queue" ( string | "(" string [ [ "," ] string ] ")" )

ok, I'll stop bitching about the BNF now and skip to a couple of 
questions;

exactly what kind of characters are allowed in a "string" as referred
to in the BNF?
reading the source for parse.y ( pfctl ) it seems that alphanumeric
strings -or- strings corresponding to ispunct() and not containing 
any of the characters "(){}<>!=/#," should be legal strings...
I tried to figure out what ispunct() does, but could not understand
exactly what the man page was trying to say...

As far as I can figure out, there are two types of user-defined 
strings in PF. litteral strings enclosed in double quotes, and 
identifiers as used in e.g. a macro definition (later referred 
to with a preceding $ ).

of course you also have the keywords defined in the bnf such as "block", 
"global" and so on, but are *all* these counted reserved? (I know "block" 
is, but not sure about "global")


Magne

> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
> On Behalf Of Daniel Hartmeier
> Sent: 23. mai 2005 17:29
> To: Magne Andreassen
> Cc: [email protected]
> Subject: Re: PF BNF typo?
> 
> On Sun, May 22, 2005 at 11:43:30PM +0200, Magne Andreassen wrote:
> 
> > Seems that the "load-anchor" rule is mis-spelled somewhere. 
> > It is referenced as "load-anchors" in the line rule, and defined as 
> > "load-anchor" later... not important really, but brings me 
> to my next 
> > question :
> 
> Fixed, thanks.
> 
> > Is the BNF used directly "as-is" with YACC to generate a 
> parser, or is 
> > the BNF in pf.conf manpage an edited excerpt?
> 
> The parser is not generated from the BNF syntax (never was), 
> but rather the BNF is a manual excerpt (not all productions 
> are listed), hence the possible discrepancies.
> 
> Daniel
>

Reply via email to