Re: npf vs. pf

To: darcy%NetBSD.org@localhost
Subject: Re: npf vs. pf
From: Mindaugas Rasiukevicius <rmind%netbsd.org@localhost>
Date: Wed, 10 Dec 2014 22:52:44 +0000

"D'Arcy J.M. Cain" <darcy%NetBSD.org@localhost> wrote:
> On Wed, 10 Dec 2014 14:49:56 +0100
> Jean-Yves Migeon <jeanyves.migeon%free.fr@localhost> wrote:
> > > I asked if npf would have a good shot at fixing this issue but no
> > > one has replied to that question.  Anyone here have any thoughts on
> > > that?
> > 
> > npfctl(8) can definitly do that -- see "npfctl table"
> 
> Yes, I have read the documentation.  I know what it claims to do.  My
> question was about how well it delivers.

It is a key feature.  If it would not deliver, it would be a major bug.
Worth to point out that npftest has unit tests for tables and they are
part of NetBSD's periodic test suite runs.

> In any case I think I will have to stick with pf a bit longer, at least
> until npf grows a -D option.  I use rc.conf to specify $int_if and
> $ext_if but npf doesn't support that.  I checked the source and it
> isn't just a lack of documentation.

What is the benefit here?

> Also, I don't see anything to
> suggest that I can put comments into the table files.  That would be a
> "nice to have."

All lines which start with # are ignored.  So you can put the comments,
it is just not mentioned in the documentation.

-- 
Mindaugas

Follow-Ups:
- Re: npf vs. pf
  - From: D'Arcy J.M. Cain

References:
- npf vs. pf
  - From: D'Arcy J.M. Cain
- Re: npf vs. pf
  - From: Jean-Yves Migeon
- Re: npf vs. pf
  - From: D'Arcy J.M. Cain

Prev by Date: Re: npf vs. pf
Next by Date: Re: npf vs. pf
Previous by Thread: Re: npf vs. pf
Next by Thread: Re: npf vs. pf
Indexes:

Home | Main Index | Thread Index | Old Index