Subject: Re: pf as the only one firewall in netbsd?
To: Michal Stepien <>
From: Thomas E. Spanjaard <>
List: tech-kern
Date: 04/06/2006 00:06:56
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
Content-Type: text/plain; charset=ISO-8859-2; format=flowed
Content-Transfer-Encoding: 7bit

Michal Stepien wrote:
> On Wed, Apr 05, 2006 at 09:57:19PM +0000, Manuel Bouyer wrote:
>>> I was said that pf is not integrated with netbsd3.0
>>> because developer of netbsd wants to integrate both
>>> pf and ipf with altq. Up to now there is no integration
>> BTW, this is not the exact reason. We'd like an API which is not
>> dependant on pf, so that it can be used with other classifiers than pf.
>> You may want to classify packets on other criteria than content of the
>> IP header, or even non-IP packets. I've done this in the past.
> This what you have said is very interesting. Do you (or other netbsd
> developers) have some plans related to implementation
> of this ideas in near future? Will be netbsd31 a revolution
> in firewall/qos field?

ppostma@ is working on this, even though he doesn't have a lot of time 
to dedicate to it. And the changes won't go into 3.1, they might miss 
4.0 even if it's not done in time for that. And it wouldn't be a 
revolution, just an evolution of what we currently have. It's a logical 
step forward to be able to classify more than just inet and inet6.

         Thomas E. Spanjaard

Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

Version: GnuPG v1.4.2 (NetBSD)