tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: NPF and PF

On Fri, Dec 18, 2020 at 05:38:03AM -0600, Hector wrote:
> Why is use of PF strongly discouraged?

There are unfixed vulnerabilities in the version that is shipped
with NetBSD. If you choose to ignore the advice at the top of the
man page and enable it anyway, you're likely opening your system
up to more problems than it solves.

> Who decided use of PF should be discouraged?
> Are there plans or thoughts to remove it from NetBSD?

It was decided by core@ that NetBSD should have one firewall
and not three.

My understanding is that ipf is in a better state than pf, with
more users and less problems. So it's likely pf will go first.

Nobody's stepped up to fix pf.

Home | Main Index | Thread Index | Old Index