HEADS UP: pf(4) update

To: current-users%NetBSD.org@localhost
Subject: HEADS UP: pf(4) update
From: Peter Postma <peter%pointless.nl@localhost>
Date: Wed, 18 Jun 2008 19:12:09 +0200

pf(4) in NetBSD -current has been updated to OpenBSD 4.2 based pf.

There are a few important things to note about this update:

- A new pfctl must be installed before booting a kernel with the new pf.

- 'keep state' is now the default for pf rules, use 'no state' to
  disable stateful filtering.

- 'flags S/SA' is now the default on TCP connections, use 'flags any' to
  disable flags checking.

- The pflog device is now a cloning device, pflog0 will
  automatically be created when starting pflogd.

- There's a new libevent-based ftp-proxy in /usr/sbin, which runs in
  standalone mode. Use ftp_proxy=YES in rc.conf to start it at boot time.
  The old ftp-proxy in /usr/libexec has been removed.

If you notice any problems, please send a problem report with the
send-pr(8) tool.

-- 
Peter Postma

Prev by Date: Re: panic assertion "!cv_has_waiters(&bp->b_done) vfs_subr2.c
Next by Date: Re: panic assertion "!cv_has_waiters(&bp->b_done) vfs_subr2.c
Previous by Thread: Network Problems after upgrade to NetBSD 4.99.65
Next by Thread: daily CVS update output
Indexes:

Home | Main Index | Thread Index | Old Index