Re: NPF and PF

To: Hector <technet%netdog.org@localhost>
Subject: Re: NPF and PF
From: Robert Swindells <rjs%fdy2.co.uk@localhost>
Date: Fri, 18 Dec 2020 12:41:04 +0000

Hector <technet%netdog.org@localhost> wrote:
>* Martin Husemann <martin%duskware.de@localhost> wrote, on 2020-12-18 05:47:
>> On Fri, Dec 18, 2020 at 05:38:03AM -0600, Hector wrote:
>> > * <technet%netdog.org@localhost> wrote, on 2020-12-15 22:41:
>> > > A couple of years ago this bold note was added at the top of pf(4) man page:
>> > >
>> > >   The NetBSD version of PF is obsolete, and its use is strongly
>> > >   discouraged.  Use npf(7) instead.
>> > 
>> > Why is use of PF strongly discouraged?
>> 
>> Basically what the note says: the verison of PF in the NetBSD tree is 
>> *ancient* and unmaintained.
>> 
>> > Are there plans or thoughts to remove it from NetBSD?
>> 
>> Yes - as soon as npf(7) is considered to be mature enough to cover the
>> relevant use cases, both ipf and pf will be removed.
>
>Should I be concerned about how is decided what is considered relevant
>use cases?
>
>Is it likely that some current PF users (like me) may have use cases
>which the decision makers conclude are not relevant?

Are you getting anywhere with writing up the problems you found with
npf(7) ?

Just providing your list of IP addresses to block could be a start.

Follow-Ups:
- Re: NPF and PF
  - From: Hector
- Re: NPF and PF
  - From: Hector

References:
- Re: NPF and PF
  - From: Hector

Prev by Date: Re: NPF and PF
Next by Date: Re: NPF and PF
Previous by Thread: Re: NPF and PF
Next by Thread: Re: NPF and PF
Indexes:

Home | Main Index | Thread Index | Old Index