On 3/16/07, Ryan Corder <[EMAIL PROTECTED]> wrote:
On Fri, 2007-03-16 at 11:09 +0100, Alexander Hall wrote:
> Ryan Corder wrote:
>
> > alternatively, I did this and it seemed to work
> >
> > pass out on bge0 from <inside> to { any, !<outside> }
> > pass out on bge0 from <inside> to { any, !<llcidr> }
>
> The above is an overkill equivalent to
>
> pass out on bge0 from <inside> to any
>
> which I doubt is what you want.
this isn't the way it is acting. what i want is
pass out everything except <outside>
pass out everything except <llcidr>
and it seems to be working that way.
the {} thingy is strictly text expansion, which means your rules expand to:
pass out on bge0 from <inside> to any
pass out on bge0 from <inside> to !<outside>
pass out on bge0 from <inside> to any
pass out on bge0 from <inside> to !<llcidr>
if you use ''pfctl -sr'' you will see that we were right.
--
almir
