>Number: 182819 >Category: kern >Synopsis: pfctl interprets "# .... \" as multi-line comment >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Oct 08 01:10:00 UTC 2013 >Closed-Date: >Last-Modified: >Originator: Adam McDougall >Release: 9.1-STABLE >Organization: >Environment: FreeBSD hostname 9.1-STABLE FreeBSD 9.1-STABLE #0 r247358: Tue Feb 26 19:02:48 EST 2013 root@build9:/usr/obj/proto/src9/src/sys/AMD64-9 amd64 >Description: Twice I've been burned by pfctl ignoring a line in pf.conf because it was preceded by a comment that happened to end in a backslash:
# pass in on blah blah blah doesn't matter this is a comment \ pass in on blah blah doesn't matter because this is treated as part of the comment I try to keep my firewall rules less than 80 chars in case I need to edit them on a dumb terminal. Sometimes I end up duplicating a line to make changes to an alternate copy and comment out the original, but if the commented out line ends in a backslash, my intended replacement is ignored. It becomes really confusing why my firewall rule is ignored yet no errors from pfctl -f. Eventually I figure it out. But in my opinion, a system that treats lines starting with # as a comment ought to unconditionally treat them as a single line comment, and not "except if it ends in a \". I don't know if this happens in any other pf implementation, or if it is intentional, but it is troublesome. I think it would be better to parse and potentially accept lines following comments. If they are faulty, pfctl will throw an error. If they are valid, they should be honored. >How-To-Repeat: # pass in on blah blah blah doesn't matter this is a comment \ pass in on blah blah doesn't matter because this is treated as part of the comment pfctl -f yourfilename, it will ignore the second line >Fix: When a # is encountered in pf.conf, unconditionally ignore the rest of the line. Might be a problem with the order things are parsed? >Release-Note: >Audit-Trail: >Unformatted: _______________________________________________ freebsd-bugs@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"
