OpenBSD Journal

PF Syntax Change

Contributed by jose on from the ease-of-developer-use dept.

As seen on the misc@ mailing list in this message from Henning :
"After much discussion we made a hard decision: we will change pf syntax from English to German."
So, what are the implications of this? And why the change? Read on.

"Let me explain.

Most of the pf developers are native german speakers. It's very hard for us to dream up new keywords in a foreign language. In fact, I have a few new features in mind I would really like to have, but cannot implement because I can't think of a reasonable English keyword.

And, of course, we do not want to support a regime attacking poor Afghan and Iraqi farmers by using the english language. We realize this change is radical, and that it will cause some management issues for you, but it's really worth it, the new syntax is so much more clear and simple, you won't regret it. Look at this example: 




ext_if="dc0"

mach isnich-Gesetz Schiesszurueck
mach limit { states 10000, frags 5000 }
mach erzwinge-Reihenfolge noe

AndereSchlangen auf $ext_if Bandbreite 10Mb Klassen-basiertes-anstellen 
	Schlange { ssh, http, allet }
Schlange allet Bandbreite 1Mb Klassen-basiertes-anstellen(default)
Schlange ssh Bandbreite 1Mb Klassen-basiertes-anstellen(leihen) 
	{ ssh_bulk, ssh_prio }
Schlange  ssh_bulk Prioritaet 0
Schlange  ssh_prio Prioritaet 7
Schlange http Bandbreite 9Mb

Tabelle

{ 10.0.0.1, 10.0.0.7, 10.0.0.9 }

scrub rein von wurscht nach 10/8 zufalls-id

ueberzetze auf $ext_if dasAlteProtokoll von 10/8 nach wurscht -> $ext_if
umleite auf $ext_if von wurscht nach $ext_if -> 10.0.0.1

nixschummeln SchnellSchnellSchnell fuer $ext_if

isnich lassfallen SchnellSchnellSchnell auf $ext_if von 192.168/16
lass rein SchnellSchnellSchnell auf $ext_if Protokoll tcp nach 
Hafen 80 Flaggen S/SA halte Status 
	 Schild "wodieSeitenherkommen" Schlange http 
lass raus SchnellSchnellSchnell auf $ext_if Protokoll tcp nach wurscht 
	 Hafen 22 Flaggen S/SA halte Status Schild "ssh-raus" 
	 Schlange (ssh_bulk, ssh_prio)
it's obviously so much better than what we have now, and we get rid of the last remnants of IPF. Rest in Peace."
Henning also provides an early CVS diff for the parser for OpenBSD-current in his message. I look forward to this change, it can only be a good thing if it helps developers!

(Comments are closed)

Comments

  1. By Christian Noack () cnoack@informatik.tu-cottbus.de on mailto:cnoack@informatik.tu-cottbus.de

    Hello. As a native German speaker I really really appreciate this change. I always regretted it that I have to use english all the time in nearly all places when doing OBSD. It's really time to bring some tribute back to Germany and its developers. I'll love it. :-))) Greetings - Christian Noack

  2. By mirco () on

    lmao :)) - good one

  3. By hacho () homega@wanadoo.es on mailto:homega@wanadoo.es

    By far the best April's fool so far today. Just wonder whether the idea passed through his mind before today.

    Comments

    1. By Henning () henning@openbsd.org on mailto:henning@openbsd.org

      yes, this idea is actually pretty old. I don't remember when I came up with this first... I remember we talked about a german locale for pf in calgary at c2k2 already, and when philipp, wim and markus were here a few weeks ago we talked more about it. However, the diff and the sample ruleset are entirely done between april, 1, 1am and 4am local time ;-)

    2. By Wim () wim@kd85.com on http://kd85.com

      I think the idea popped up during several chemical and alcohol induced meetings. As far as I can remember anything from those ;-)

      Wim /* don't shoot the messager, I only bring the beer */

      Comments

      1. By mirabile () root@[2001:618:4:137f::222] on http://www.badadvocacy.org/~mirabile/

        ... as long as you got booth slaves to organize
        beer for you, no?

        I actually grabbed another idea which grew up in
        IRC, "fuck-off" (equivalent to "block return",
        which did not exist at that time, only return-rst,
        return-icmp and return-icmp6). Some guy tried a
        patch, and Henning told me about the German locale
        schnellschnellschnell.

        After "block return" went in, I re-did the diff.
        It was fairly easy, even if I don't speak yacc (yet).

  4. By chris () on

    oh wait.
    04.01.2003
    almost had me going their for a minute...
    good one.

    ::chris

  5. By FenderQ () on

    What I've got so far!

    echo "Ich habe zwei Kokosnüsse und eine Banane zwischen meinen Beinen" > /etc/pf.conf

    Comments

    1. By Noryungi () n o r y u n g i @ y a h o o . c o m on mailto:n o r y u n g i @ y a h o o . c o m

      Ooops!

      I know just enough German to understand that last one, and it sounds very painful!! =)

    2. By Anonymous Coward () on


      What packets do you expect to block using:
      "I have two coconuts and a banana between my legs"

      Comments

      1. By Anonymous Coward () on

        certainly not the ones seeking for coconuts or a banana :)

  6. By Akor () on

    I usually hate April Fools. But if everyone would come up with such good stories this would not be the case. :)

  7. By Anonymous Coward () on

    Please stop this steady influx of crap. It's getting painful.

  8. By Theo De Raadt () deraadt@cvs.openbsd.org on www.openbsd.org

    guys.. this April fools shit is getting out of hand.

    I was going to announce today that i am handing the openbsd project over to GOBBLES. His programing skills are far supperior to mine, as noted by his brilliant openssh exploit.

    Cut the joking shit out, and be the first to welcome GOBBLES to the team.

    oh, and buy a few cd's while you're at it.

    Comments

    1. By Anonymous Coward () on

      This falls under "sad, but true."

    2. By Der Kommisar Sherrod () sherrod@girlvinyl.com on http://www.girlvinyl.com

      Ja dis ist gut.
      Der GOBBLES ist faah bettah equipkt to handel das BSD. I tink ve vill haf to help him find his paphas!
      SCHNELL!

      Comments

      1. By Anonymous Coward () on

        This is not krautish?

    3. By Anonymous Coward () on

      ohh my god.. i almost shit my pants.. =P

  9. By Anonymous Coward () on

    Danke.

  10. By Anonymous Coward () on

    you had me. Good.. Thanks for the laugh..

    Comments

    1. By [ESN] () esn@x123.info on mailto:esn@x123.info

      Well this change of lang of the pf well afect the use of pf.
      english/spanish/chinese are the most talk lang's in the world.. by the way not every one sees germen in shool.
      I think a beter solution is to implement a lang module, so the user chan change the lang...

      Comments

      1. By Anonymous Coward () on

        What you need is a date module implemented, April Folls day means to expect surprises and jokes. This is a joke.

  11. By Anonymous Coward () on


    * g o a t s e x * g o a t s e x * g o a t s e x *
    g g
    o / / o
    a| | | | a
    t| `. | | : t
    s` | | | | s
    e | / / --__ : e
    x / _--~~ ~--__| | x
    * _-~ ~-_ | *
    g _ _.--------.______| | g
    o ______// _ ___ _ (_(__> | o
    a . C ___) ______ (_(____> | / a
    t / | C ____)/ (_____> |_/ t
    s / /| C_____) | (___> / s
    e | ( _C_____)______/ // _/ / e
    x | |__ _________// (__/ | x
    * | ____) `---- --' | *
    g | _ ___ /_ _/ | g
    o | / | | | o
    a | | / | a
    t | / / | | |t
    s | / / __/___/ | |s
    e | / / | | | |e
    x | | | | | |x
    * g o a t s e x * g o a t s e x * g o a t e x *

  12. By jose () on http://monkey.org/~jose/

    this was probably the best april fool's day joke i saw this year, henning and company did really well. excellent coverage on the mailing list, too!

  13. By Cuba++ () cuba at seznam.cz on mailto:cuba at seznam.cz

    I'd like to have german notation in Linux/Iptables! iptabellen -A Beitritt -s 10.0.0.0/8 -j hinwerfen

    Comments
    1. Comments

  14. By Ben Howard () junk@utlemming.org on mailto:junk@utlemming.org

    It is utterly illresponsable to post a change in software because of political reasons. If you do not support the war in Iraq, then fine, so be it. But to state that as a reason to change languages is due to political reasons, is stupid. Besides, how does supporting the English language have any bearing on the 'regime' that is attacking the 'farmers?' Please, give me a break. Software is software, and politics is politics. But I suppose if by making language changes gives you satisfaction, fine. FreeBSD or NetBSD will just become a whole lot more popular. Frankly the first reason was a whole lot more sound and would not offend nearly as many.

    Comments

    1. By Anonymous Coward () on

      Even dumber to rant on a posting from 4/1/03


      as for the US killing innocent babies in Iraq, it is yet to be determined which regime will kill more babies

  15. By Anonymous () on

    "After much discussion we made a hard decision: we will change pf syntax from English to German."

    I also speak German fluently. However when it comes to computers I feel most comfortable with English. I find much more sense in the English syntax. Please, keep it in English.

Latest Articles

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]