Subject: Re: pf (Package Filter pflkm) without IPV6
To: Andy Ruhl <>
From: Andy Ruhl <>
List: netbsd-users
Date: 06/23/2005 16:47:43
On 6/23/05, Peter Postma <> wrote:
> On Thu, Jun 23, 2005 at 03:52:28PM -0700, Andy Ruhl wrote:
> > I built it last month from pkgsrc, I'm not sure what version it is.
> > I'm only doing firewalling and NAT, but I'm happy with it. I had read
> > Michael Lucas's Absolute OpenBSD book, which has lots of stuff on pf,
> > and I'm much more comfortable with it's syntax than ipf.
> >
> > The only thing I'm not as happy with is that I can't remove IPV6, like
> > you say, and the module won't load into a multi processor kernel. 3.0
> > should fix that.
> >
> It should load if you force modload with -f. Or add
> "CFLAGS+=3D-DMULTIPROCESSOR" to /etc/mk.conf and rebuild pflkm.
> For the IPv6 problem, I'll try to fix it soon.

I may try that, but for now I'm happy to wait for 3.0 to be released
if it is going to be reasonably on schedule.

Thanks for your work, pf is really a step up from ipf in readability
and useability for me.