NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: kern/50809: pf panics while purging state

The following reply was made to PR kern/50809; it has been noted by GNATS.

From: Brad Spencer <>
Subject: Re: kern/50809: pf panics while purging state
Date: Mon, 15 Feb 2016 12:25:57 -0500 (EST) (Christos Zoulas) wrote:
    > If we are not going to maintain them or spend cycles try to fix the
    > bugs people report, we should get people to use npf which we actively
    > maintain. For that we need to get npf to have feature parity with the
    > other packet filters. Hauke can you try switching in this case?
    I have not had enough time recently to work on the feature parity
    recently, but I am more than happy to spread the knowledge on the
    NPF internals and help with the work.  I also have some unfinished
    patches which add features; they need some mechanical completion
    and just testing really.
 I probably use IPF in a somewhat unusual manor, but the only reason I
 don't use NPF is the seemly lack of BRIDGE_IPF.  I have placed an IPF
 filter in between me and the Internet with another system lower down doing
 NAT, and internal routing and more firewalling.  I actually have a small
 set of fully routable IPs that live on systems and would rather not do NAT
 on the edge if I can help it, nor would I like to maintain firewall sets
 on these systems for those things I would like to prevent from leaving or
 prevent from entering the edge network.
 Brad Spencer - - KC8VKS  - & - [IPv6 only]

Home | Main Index | Thread Index | Old Index