ftp://ftp.kame.net/pub/kame/misc/netbsd-pf-20030626.diff
	has PF (openbsd packet filter) for netbsd-current as of today.

	caveats:
	- does not support (interface) syntax
	- ip_off/ip_len endian flipping needs testing

	my ultimate goal is to replace ipsec policy engine by PF tagging
	(just like ALTQ integration to PF on openbsd).

itojun