NetBSD-Users archive


Re: NPF does not recognize npflog0



* Tomas Bodzar (tomas.bodzar%gmail.com@localhost) wrote:
> You think, but you did not paste complete npf.conf yet so it's hard to help ;-)
I keep editing /etc/npf.conf from time to time. There are so many versions.
But finally I fixed it! :-)
Just change procedure "norm" from
        normalise: "random-id", "min-ttl" 512, "max-mss" 1432
to
        normalise: "random-id"
Now it allows inbound and outbound traffic up to filtering rules.

But one question remains pertaining to ping.
        pass final on $ext_if family inet proto icmp icmp-type echo code 0 all
With the rule above, I cannot ping anywhere.
In order to ping, I must put this line instead.
        pass final on $ext_if family inet proto icmp all

I am also using PF as it previously was the only packet filter for me on NBSD.
With PF-equivalence to the former, the machine is pingable both directions
(to and from the machine).
Why is it different from NPF?

Thank you very much.
-- 
Pongthep Kulkrisada
 
"UNIX is basically a simple operating system,
but you have to be a genius to understand the simplicity."
-- Dennis M. Ritchie

