Re: npf vs. pf

To: jeanyves.migeon%free.fr@localhost
Subject: Re: npf vs. pf
From: "D'Arcy J.M. Cain" <darcy%NetBSD.org@localhost>
Date: Wed, 10 Dec 2014 10:15:50 -0500

On Wed, 10 Dec 2014 14:49:56 +0100
Jean-Yves Migeon <jeanyves.migeon%free.fr@localhost> wrote:
> > I asked if npf would have a good shot at fixing this issue but no
> > one has replied to that question.  Anyone here have any thoughts on
> > that?
> 
> npfctl(8) can definitly do that -- see "npfctl table"

Yes, I have read the documentation.  I know what it claims to do.  My
question was about how well it delivers.

In any case I think I will have to stick with pf a bit longer, at least
until npf grows a -D option.  I use rc.conf to specify $int_if and
$ext_if but npf doesn't support that.  I checked the source and it
isn't just a lack of documentation.  Also, I don't see anything to
suggest that I can put comments into the table files.  That would be a
"nice to have."

-- 
D'Arcy J.M. Cain <darcy%NetBSD.org@localhost>
http://www.NetBSD.org/ IM:darcy%Vex.Net@localhost

Follow-Ups:
- Re: npf vs. pf
  - From: Mindaugas Rasiukevicius

References:
- npf vs. pf
  - From: D'Arcy J.M. Cain
- Re: npf vs. pf
  - From: Jean-Yves Migeon

Prev by Date: Re: struct ifnet and ifaddr handling [was: Re: Making global variables of if.c MPSAFE]
Next by Date: Re: npf vs. pf
Previous by Thread: Re: npf vs. pf
Next by Thread: Re: npf vs. pf
Indexes:

Home | Main Index | Thread Index | Old Index