> On Dec 17, 2014, at 6:16 PM, Christopher Petrik <ch...@bsdjunk.com> wrote: > > On Thu, Dec 18, 2014 at 12:43:59AM +0100, Daniel Engberg wrote: >> Hi, >> >> During the year there has been several discussions regarding the state of pf >> in FreeBSD. In most cases it seems to boil down to that it's too >> hard/time-consuming to bring upstream patches from OpenBSD to FreeBSD. As >> it's been mentioned Apple seems to update pf somewhat (copyright is changed >> to 2013 at least) and file size differs between OS X releases but I wasn't >> able to find any commit logs. >> >> That said, NetBSD have something similar to pf in syntax called npf which >> seems actively maintained and the author seems open to the idea of porting >> it to FreeBSD. >> http://www.netbsd.org/~rmind/pub/npf_asiabsdcon_2014.pdf - Page 24 >> However I'm not certain that it surpasses our current pf in terms of >> functionality in all cases (apart from the firewalling ALTQ comes to mind >> etc). >> Perhaps this might be worth looking into and in the end drop pf due to the >> reasons above? >> >> That said, don't forget all the work that has gone into getting pf where it >> is today. >> While I'm at it, does anyone else than me use ALTQ? While it's not >> multithreaded I find a very good "tool" and it does shaping really well. >> >> Best regards, >> Daniel >> _______________________________________________ >> freebsd-pf@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-pf >> To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org" > Hi, > I think the real question is, "Do we really need so many firewall suites > in FreeBSD" we have ipfw, ipf, pf I think the solution would be to port > npf as it's bases is to be portable. I use it and it takes some getting > used to but it looks promising. But then this creates a 4th suite to add > into FreeBSD ?
We could ‘port’ it to run on top of netmap (like the version of ipfw that runs over netmap). Then it’s not necessarily “in” FreeBSD. Jim _______________________________________________ freebsd-pf@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
