Hi @misc
I've been playing with anchors in pf (openbsd -current) observing the
following behaviour.
Given the following sample pf.conf:
ppcaetano@soekris $ > cat
pf.test
int_if="{ em1 em2 em3 }"
anchor "lan" on $int_if {
pass inet
}
It is validated correctly by pfctl:
pcaetano@soekris $ > pfctl -vnf pf.test
int_if = "{ em1 em2 em3 }"
anchor "lan" on em1 all {
pass inet all flags S/SA
}
anchor "lan" on em2 all
anchor "lan" on em3 all
Yet, the ruleset is only expanded on the first macro value.
Is this the expected behaviour?
Thank you for any clarifications.
Best regards,
Pedro Caetano
