On 3/17/15 6:34 PM, Mindaugas Rasiukevicius wrote: Hi, Mindaugas.
First, let me say thank you for your excellent work on NPF! > "D'Arcy J.M. Cain" <da...@netbsd.org> wrote: >> I have decided to give up on pf after banging my head against >> the wall (and the OBSD mailing list) and try npf but I >> can't figure out the syntax. I followed the example at >> http://www.netbsd.org/~rmind/npf/ but I keep getting errors when I >> validate. I reduced npf.conf to the following two lines: > > It looks like you are using the netbsd-6. The documentation is for > the netbsd-7/current. NPF in netbsd-6 does not support table naming > so you have to use numbers. It does not autoload ALGs, so you can > skip that line and modload npf_alg_icmp manually. Is there ~rmind/npf documentation for NPF in NetBSD 6? I've run into the same problem when trying to learn NPF and finding that the documentation did not apply to what I had (netbsd-6 stable branch). I ended up using the ~rmind/npf documentation along with the man pages from netbsd-6 to figure out what parts of ~rmind/npf did not apply to netbsd-6 or had been renamed, etc. > NPF in netbsd-6 is very old by now; netbsd-7 has many fixes as well as > improvements and I strongly recommend to use that. I can certainly understand that, but NetBSD 7 has not been released yet. It doesn't seem reasonable to expect people to run -current or 7.0_BETA in production. Regards, Lewis
