On Fri, 04 Apr 2003, Petter Lindquist wrote:
> To start with I could ask if there is any good iplogin solution available
> for netbsd.

What do you mean when you say "good iplogin solution"?

> If not, is there any possibility to run ipfw on netbsd?

ipfw is not part of NetBSD, but you might be able to port it.

> If not, is there any possibility to dynamically add and remove ipf rules
> in the middle of a ruleset?

Yes.  See the ipfw.conf(5) man page, and search for the word 'insert'.

Alternatively, you could dynamically build an entire replacement ruleset
(say using a script that rewrites /etc/ipf.conf), and atomically switch
to the new ruleset (say using "/etc/rc.d/ipfilter reload", or using "ipf
-s").

--apb (Alan Barrett)