DragonFly BSD
DragonFly kernel List (threaded) for 2003-11
Re: any interest in importing pf?

From: Brooks Davis <brooks@xxxxxxxxxxxxxxxxxx>
Date: Thu, 6 Nov 2003 20:46:57 -0800

On Thu, Nov 06, 2003 at 11:18:56PM -0500, GeekGod wrote:
> "Bernhard Valenti" <bernhard.valenti@xxxxxxx> wrote in message
> news:<3FAAD0FE.5000909@xxxxxxx>...
> > I'm using IPFilter but recently looked at PF, and seems like PF can do
> > the same as IPFilter and more. So i would like to have PF even if its
> > instead of IPFilter. Also, the rules are somewhat compatible...
> IPFW2 works wonders for me, personally.  My only beef about the
> current FreeBSD/DF IPFW/NATD situation is that the NATD binary is
> separate from the kernel and is not really optimised AFAIKT.  I've
> always sat back and marveled at the fact that PF/IPFILTER and all
> the other guys out there (IPCHAINS) has enjoyed NATD support built
> into the kernel.  My only request(well, maybe only 1) would be that a
> project is formed to help move the current NATD userland binary into
> kernel-land or another optimized framework.

FYI, someone is working on a netgraph node to do NAT in FreeBSD.

-- Brooks

Any statement of the form "X is the one, true Y" is FALSE.
PGP fingerprint 655D 519C 26A7 82E7 2529  9BF0 5D8E 8BE9 F238 1AD4

