On 2008-08-02, nate <[EMAIL PROTECTED]> wrote:
> I am in the process of building a new OpenBSD 4.3 system in
> parallel to my existing 4.1 system and ran into a little
> glitch with regards to migrating my pf rule set to the new
> system.
The pfctl-based config parsers were re-unified between 4.2 and
4.3, most things just work<tm> but there are some uncommon cases
which used to work that don't now.
> ssh = "22"
> smtp = "25"
> penguin_ports = "{" $ssh $smtp "}"
For this in particular, you can simplify. Port names are looked
up from /etc/services; just write "{ ssh, smtp }". The comma is
optional - see op-list in BNF of pf.conf(5) - but imo makes it
easier to read (as does removing unnecessary macros).
> I looked at the web-based changelog of 4.1->4.2 and 4.2->4.3
> but didn't notice anything that might trigger this.
pfctl/pf.conf probably could have done with an explicit
mention, but on plus43.html you find "Improvements in the
common parser code generator for various OpenBSD daemons"
which is meant to cover this too.
