tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: update pf

To: tech-net%netbsd.org@localhost
Subject: Re: update pf
From: Egerváry Gergely <gergely%egervary.hu@localhost>
Date: Sun, 4 Dec 2016 23:26:34 +0100

OpenBSD's PF is not maintainable. It got more and more tentacles into
the rest of the OpenBSD network stack. So yes, effectively I think NPF
is the only viable option midterm.


Bad news. PF is a great design and it's quite multiplatform. It is in
Solaris 11.3, Mac OS X 10.7, FreeBSD and DragonFly, pfSense (= FreeBSD)
and probably others. (FreeBSD port is outdated, too)

NPF is missing TPROXY / divert sockets functionality.

--
Gergely EGERVARY

Follow-Ups:
- Re: update pf
  - From: Christos Zoulas
- Re: update pf
  - From: Joerg Sonnenberger

References:
- update pf
  - From: Egerváry Gergely
- Re: update pf
  - From: Joerg Sonnenberger
- Re: update pf
  - From: Egerváry Gergely
- Re: update pf
  - From: Joerg Sonnenberger

Prev by Date: Re: update pf
Next by Date: Re: update pf
Previous by Thread: Re: update pf
Next by Thread: Re: update pf
Indexes:

Home | Main Index | Thread Index | Old Index