Proposed Improvements to NPF

[Josh Moyer <JMoyer%nodomain.net@localhost>]

Dear tech-net,
My npf.conf is complex and unwieldy at 720 lines.  I'm in need of
syntactical improvements to help me manage it.  Necessity is the mother
of invention and, so, I am proposing these prioritized improvements to
npfctl's parser:

1: Allow for multiple interfaces per group.
2: Improve support for nesting/grouping with variables.  (Crashes have
been observed here -- core available.)
3: DNS hostname lookup support.  (Is this a bad idea from a remote
firewall rule manipulation attack type of perspective?)

I'm hoping to complete this work in 3-9 months.  This will be my first
significant contribution to the project.  What should I know and
consider before and as I work?  I've read [1] and recent messages with
npf in the subject in tech-net, as well as some of [2].

[1] https://wiki.netbsd.org/projects/project/npf_improvements/
[2] /usr/src/usr.sbin/npf/(npfctl/)

Thanks in advance!

--
Kind regards,
    _____    
   | * * |   Josh Moyer (he/him) <JMoyer%NODOMAIN.NET@localhost>
   |*(*)*|   http://jmoyer.nodomain.net/
    \ - /    http://www.nodomain.net/
     \//     
             Love, Responsibility, Justice
             Liebe, Verantwortung, Gerechtigkeit
             
             Please don't eat the animals.
             Thanks.