When playing with the blocklist I noticed that the oid directive only supports numeric OIDs. So if florian wants to use filter-pf-table in the future he'd have to set: blocklist 1.3.6.1.4.1.30155.1.9.129 which is pure insanity, if: blocklist pfTblAddrTable could be an option.
Diff below changes the "oid" parse.y definition from ober_string2oid to smi_string2oid, which allows for the locally known symbolic names. This also helps out with existing statements ("system oid", "trap handle oid", and "trap receiver", and "oid"). While here, rename sysoid to oid, since it's not used by the system oid anymore and do a little KNF. OK? martijn@ Index: parse.y =================================================================== RCS file: /cvs/src/usr.sbin/snmpd/parse.y,v retrieving revision 1.73 diff -u -p -r1.73 parse.y --- parse.y 21 Nov 2021 13:33:53 -0000 1.73 +++ parse.y 28 Jun 2022 09:02:36 -0000 @@ -666,21 +666,20 @@ optwrite : READONLY { $$ = 0; } ; oid : STRING { - struct ber_oid *sysoid; - if ((sysoid = - calloc(1, sizeof(*sysoid))) == NULL) { + struct ber_oid *oid; + if ((oid = calloc(1, sizeof(*oid))) == NULL) { yyerror("calloc"); free($1); YYERROR; } - if (ober_string2oid($1, sysoid) == -1) { + if (smi_string2oid($1, oid) == -1) { yyerror("invalid OID: %s", $1); - free(sysoid); + free(oid); free($1); YYERROR; } free($1); - $$ = sysoid; + $$ = oid; } ;