On Wed, Nov 06, 2002 at 01:22:05PM +0100, Joel Wilsson wrote:
> Personally I don't care, because the main reason I did this was to
> learn more about the kernel, but I guess some might find it useful
> to take a ruleset from their OpenBSD firewalls and use it directly
> under NetBSD.
> 
> And it has been asked about, so I thought "why not?":
> http://mail-index.netbsd.org/tech-kern/2002/10/23/0001.html
> 
> I don't know enough about ipfilter to answer your question, but
> iirc ipfilter can't pick up the state of existing TCP connections

newer ipfilter can.

-- 
Manuel Bouyer <bouyer@antioche.eu.org>
--