Re: update pf

To: tech-net%netbsd.org@localhost
Subject: Re: update pf
From: christos%astron.com@localhost (Christos Zoulas)
Date: Mon, 5 Dec 2016 22:38:37 +0000 (UTC)

In article <cf31885d-121e-5686-d4b7-d5ff8af8a211%egervary.hu@localhost>,
EgervÃ¡ry Gergely  <gergely%egervary.hu@localhost> wrote:
>> OpenBSD's PF is not maintainable. It got more and more tentacles into
>> the rest of the OpenBSD network stack. So yes, effectively I think NPF
>> is the only viable option midterm.
>
>Bad news. PF is a great design and it's quite multiplatform. It is in
>Solaris 11.3, Mac OS X 10.7, FreeBSD and DragonFly, pfSense (= FreeBSD)
>and probably others. (FreeBSD port is outdated, too)
>
>NPF is missing TPROXY / divert sockets functionality.

Can't you use map for those?

christos

Follow-Ups:
- Re: update pf
  - From: Egerváry Gergely

References:
- update pf
  - From: Egerváry Gergely
- Re: update pf
  - From: Egerváry Gergely
- Re: update pf
  - From: Joerg Sonnenberger
- Re: update pf
  - From: Egerváry Gergely

Prev by Date: Re: Deferred if_start
Next by Date: Re: Deferred if_start
Previous by Thread: Re: update pf
Next by Thread: Re: update pf
Indexes:

Home | Main Index | Thread Index | Old Index