Christos Zoulas <[email protected]> writes: > Yes, and please let us know if you are having any issues!
Oh, I'll complain. :) Meanwhile, this is just another step in my quest to keep my home network ahead of the one at $WORK. I have an ISP that is willing to give me official IP space, so, using NetBSD, I have a proper DNS infrastructure, including DNSSEC (using PowerDNS from pkgsrc), a proper web server and email infrastructure using real certificates (bozohttpd, postfix, Let's Encrypt!, SPF, DKIM, DMARC (shucks, I even send DMARC reports to other domains)), and working IPv6 (modulo reverse DNS, requested from my ISP but not yet implemented, so I can't do IPv6 SMTP just yet, either). It's great fun. Now, npf generally looks fine, from a pf point of view, and seems to have the potential to make my configuration simpler. I just hope that the split from just pf to npf+altqd will be comfortable; I'm really dependent on the QoS mechanisms I've implemented using pf and its interface to the underlying kernel ALTQ mechanism, and I've been using the special integration features in pf. I'll report back. -tih -- I like long walks, especially when they are taken by people who annoy me.
