On Mon, 01 Apr 2019 07:01:03 +0200, Claudio Jeker wrote: > There have been internal discussions about OpenBSD also removing the pf > packet filter after the upcoming 6.5 release. Instead a switch to > using David Gwynne's new bpf filter will happen. > The benefits outweigh the drawbacks and the missing features will be > readily implemented in time for the 6.6 release.
Will the bpf JIT changes be done in time for 6.6? I have no doubt that "pfctl -p /dev/bfp" can be made to work in time but for a truly performant firewall we will need bpf JIT. - todd
