[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: pf packet filter OpenBSD 3.2
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: pf packet filter OpenBSD 3.2
- From: Henning Brauer <lists-openbsd_(_at_)_bsws_(_dot_)_de>
- Date: Wed, 29 Jan 2003 15:33:45 +0100
- Mail-followup-to: misc_(_at_)_openbsd_(_dot_)_org
On Wed, Jan 29, 2003 at 03:09:23PM +0100, Arne P. Boettger wrote:
> The option to extend the syntax for broadcasts sounds reasonable.
especially since the broadcast address lookup code is also already there.
the network lookup code is already used for antispoof; whil ebeeing on it I
did the complete thing last year and added broadcast too.
> Thus something like bcast(de0) or maybe de0.bcast or de0[bcast]
> make sense, [de0] only for the network associated to an interface is
> quite limiting. And net(de0) de0.net de0[net] are all more readable
> than just [de0]...
yes, I agree.
there's one thing I'm not happy with.
this either makes 'net' and 'bcast' reserved words or leads to string
handling pains in host().
> But, for the cbq stuff, why is there a need to seperate it with
> parantheses? Is it necessary for the parser or just syntactical
well, I feel "cbq borrow,default" looks wrong. it may cause parser trouble
too, we never took that as an option.
Unix is very simple, but it takes a genius to understand the simplicity.
Visit your host, monkey.org