[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: pf packet filter OpenBSD 3.2

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: pf packet filter OpenBSD 3.2
From: Henning Brauer <lists-openbsd_(_at_)_bsws_(_dot_)_de>
Date: Wed, 29 Jan 2003 15:33:45 +0100
Mail-followup-to: misc_(_at_)_openbsd_(_dot_)_org

On Wed, Jan 29, 2003 at 03:09:23PM +0100, Arne P. Boettger wrote:
> The option to extend the syntax for broadcasts sounds reasonable.

especially since the broadcast address lookup code is also already there.
the network lookup code is already used for antispoof; whil ebeeing on it I
did the complete thing last year and added broadcast too.

> Thus something like bcast(de0) or maybe de0.bcast or de0[bcast]
> make sense, [de0] only for the network associated to an interface is
> quite limiting. And net(de0) de0.net de0[net] are all more readable
> than just [de0]...

yes, I agree.
there's one thing I'm not happy with.
this either makes 'net' and 'bcast' reserved words or leads to string
handling pains in host().

> But, for the cbq stuff, why is there a need to seperate it with
> parantheses? Is it necessary for the parser or just syntactical
> sugar?

well, I feel "cbq borrow,default" looks wrong. it may cause parser trouble
too, we never took that as an option.

-- 
http://2suck.net/hhwl.html
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

Follow-Ups:
- Re: pf packet filter OpenBSD 3.2
  - From: Hannah Schroeter

References:
- Re: pf packet filter OpenBSD 3.2
  - From: Arne P. Boettger
- Re: pf packet filter OpenBSD 3.2
  - From: Henning Brauer
- Re: pf packet filter OpenBSD 3.2
  - From: Arne P. Boettger

Prev by Date: Re: pf packet filter OpenBSD 3.2
Next by Date: mailman and apache chrooted
Previous by thread: Re: pf packet filter OpenBSD 3.2
Next by thread: Re: pf packet filter OpenBSD 3.2
Index(es):
- Date
- Thread

Visit your host, monkey.org