tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: IPfilter problems known for NetBSD-9ish?



> Hello,
>
> On Thu, Dec 31, 2020 at 06:26:15PM -0000, yancm%sdf.org@localhost wrote:
>> I decided to dig into replacing my ipnat/ipf ruleset with npf for my
>> home router/firewall/nameserver/webserver so I can migrate from
>> NetBSD 8 --> NetBSD 9 with less pain/fear...
>
> What is this fear of ipfilter on netbsd9 that I'm keeping reading
> about in side remarks? The only real error report that I found was
> specific to NetBSD/Xen PV with ipfilter loaded as module, and some
> CPP definition discrepancy assumed as the reason.
>
> I'm running IPfilter on NetBSD/amd64 for a test with a 9.1_STABLE
> kernel. If I should expect problems, I'd like to learn about them
> now.

To be really clear, I am not aware of any specific concerns,
only the long stated references to npf being the One NetBSD
packet filter/NAT going forward. Also, references to ipfilter
no longer being maintained... this question pops up on tech-net
from time to time...

My thinking was that if npf really is the way forward, I'd
just go with it... but...as I was unable to get NAT working on
my NetBSD 8ish kernel...will try npf once more with a 9_stable
kernel, then test out ipfilter in 9 and put npf on the back
burner again...




Home | Main Index | Thread Index | Old Index