NetBSD-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: NetBSD + npf for main Internet-facing firewall?



Greetings,

I believe npf is not so much discussed because it just works.
I use npf as Internet-facing firewall in every place I have
from the very beginning of it. And I had fewer problems replacing
pf with npf rather than replacing iptables with pf.

Npf have some caveats, mostly about stateful vs stateless filtering,
but as of 9.1 it is very stable and very nice to configure.

On this occasion I would like to thank NetBSD team for clean design
stable firewall which now we can use.

On 25.02.2021 20:03, U'll Be King Of The Stars wrote:
Hi all,

I'm considering running NetBSD on Supermicro A1SRi-2758F server for my
Internet-facing firewall and main switch.  I love this server for home
servers because it's so quiet, and has many other suitable attributes.

My plan is to run npf as the main firewall, and to use this machine as
the primary switch.

The funny thing is that I've noticed that not many NetBSD users openly
discuss using npf for this purpose.  This would seem a natural use case
to me.  (I should remember to follow my own rules and never make
assumptions.)

It seems like a natural thing for fellow users to do.  But are my
assumptions a bit off?
--
Dima Veselov
Physics R&D Establishment of Saint-Petersburg University


Home | Main Index | Thread Index | Old Index