John Klos wrote:

> Anyone? Is it possible? A friend is trying to do it now, to no avail,
> and I'd like to do it soon. But there seems to be a lack of documentation.
> 
> Thanks,
> John Klos
> 

Hi John,

If you're on 2.x you can try the security/pflkm package.  If you're on
3.0_BETA it's in the base.  Can't speak for the LKM myself as I have not
really given it a go.  I do know that you will have to use pftcpdump
that comes with the package if you want to start tcpdumping pflog0.

In addition to this I think there are a few other packages floating
round in pkgsrc ATM that can be used with PF as well (sysutils/pfstat
and sysutils/pftop come to mind).

I recently ran up about 3-4 boxen on 3.0_BETA all using pf in a mixed
v4/v6 environment with no issues so far.

As far as documentation goes, it's just PF.  So for me the usual entries
in rc.conf:

pf=YES
pflogd=YES

and then write your standard /etc/pf.conf.  All man pages AFAIK are in
place.

Sorry, but I have not played with ALTQ . . .

HTH,

adrian.