Thanks for the response.
I understand that I could write the rule with the ips harcoded in it, but I
assume this doesnt change the fact that macros are not expanding CIDR
addresses, and this maybe a bug. I was trying more to warn about this rather
strange behaviour than to find an alternative solution.
Thanks a bunch ;)
----- Original Message -----
From: "ed" <[EMAIL PROTECTED]>
To: "Gustavo A. Baratto" <[EMAIL PROTECTED]>
Sent: Friday, August 26, 2005 7:08 PM
Subject: Re: macro doesnt expand CIDR
On Mon, 22 Aug 2005 17:34:06 -0700
"Gustavo A. Baratto" <[EMAIL PROTECTED]> wrote:
int_net="192.168.0.1/24"
john="192.168.1.3"
all="{" $int_net $john "}"
pass in quick on bge0 proto tcp from $all to 68.149.93.11 port 80
pass in quick on bge0 proto tcp from "{" "192.168.0.1/24" \
"192.168.1.3" "}" 68.149.93.11 port 80
Why not just write
pass in quick on bge0 proto tcp from {192.168.0.1/24,192.168.1.3} to \
68.149.93.11 port 80
also note there is a , in the second version. I believe the "" marks are
just to keep text together, now to separate it.
This works:
all="{192.168.0.1/24" $john "}"
I think this could be through confusing the parser, and might even be
considered buggy as you don't close the brace off.
--
http://edd.link9.net - http://irc.is-cool.net
