any interest in importing pf?
Brooks Davis
brooks at one-eyed-alien.net
Thu Nov 6 20:48:47 PST 2003
On Thu, Nov 06, 2003 at 11:18:56PM -0500, GeekGod wrote:
> "Bernhard Valenti" <bernhard.valenti at xxxxxxx> wrote in message
> news:<3FAAD0FE.5000909 at xxxxxxx>...
> > I'm using IPFilter but recently looked at PF, and seems like PF can do
> > the same as IPFilter and more. So i would like to have PF even if its
> > instead of IPFilter. Also, the rules are somewhat compatible...
>
> IPFW2 works wonders for me, personally. My only beef about the
> current FreeBSD/DF IPFW/NATD situation is that the NATD binary is
> separate from the kernel and is not really optimised AFAIKT. I've
> always sat back and marveled at the fact that PF/IPFILTER and all
> the other guys out there (IPCHAINS) has enjoyed NATD support built
> into the kernel. My only request(well, maybe only 1) would be that a
> project is formed to help move the current NATD userland binary into
> kernel-land or another optimized framework.
FYI, someone is working on a netgraph node to do NAT in FreeBSD.
-- Brooks
--
Any statement of the form "X is the one, true Y" is FALSE.
PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4
Attachment:
pgp00003.pgp
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pgp00003.pgp
Type: application/octet-stream
Size: 189 bytes
Desc: "Description: PGP signature"
URL: <http://lists.dragonflybsd.org/pipermail/kernel/attachments/20031106/49d674d4/attachment-0014.obj>
More information about the Kernel
mailing list