On Thursday, June 26, 2003, at 12:09  pm, itojun@iijlab.net wrote:
> 	ftp://ftp.kame.net/pub/kame/misc/netbsd-pf-20030626.diff
> 	has PF (openbsd packet filter) for netbsd-current as of today.
>
> 	caveats:
> 	- does not support (interface) syntax
> 	- ip_off/ip_len endian flipping needs testing

Great! Let me know if you want any help, I have some patches against
NetBSD-current, but those are for OpenBSD 3.3's pf (both kernel-
and userland stuff). And they're only "almost" done. :)

I've updated http://foo.unix.se/joelw/pflkm.html with this info.

> 	my ultimate goal is to replace ipsec policy engine by PF tagging
> 	(just like ALTQ integration to PF on openbsd).

That would be nice.

Regards,
   joelw