On Mon, Apr 01, 2019 at 03:33:36PM +0100, Stephen Borrill wrote: > On Mon, 1 Apr 2019, Jaromír Dole?~Mek wrote: > > Le lun. 1 avr. 2019 à 14:32, Stephen Borrill <[email protected]> a > > écrit : > > > Your two statements are mutually inconsistent: > > > 1) No-one is maintaining ipf or pf > > > and > > > 2) If the effort had been on one firewall instead of three, the one chosen > > > would be more functional. > > > > IMO it's consistent - if we had one, it would be clear to which one to > > contribute, and clear if the feature is really missing and working. > > i.e. nobody contributes anything because they don't know to which of > > the firewalls to contribute. > > > > In either case, let's return to a constructive discussion, and see > > what needs to be done. NPF-only is the future, so let's get to that > > future. > > > > In the past discussion, I've only seen people mentioning only two > > features missing in NPF and present in PF: > > > > 1. ftp-proxy support - Maxime volunteered to implement this in NPF, > > I'm sure help there would be welcome > > 2. group support for config (mentioned by Manuel) - anyone feels like > > taking? > > - ??it might be enough to have some kind of config preprocessor > > initially if that's easier to do?? > > > > Is there anything else? > > The canonical, but not necessarily complete, lists are: > > http://cvsweb.netbsd.org/bsdweb.cgi/src/doc/TODO.npf > > https://www.netbsd.org/~rmind/npf/__tasklist.html
http://gnats.netbsd.org/53199 Installed another 2 new servers with ipf after having tried and failed to convert a trivial ruleset to npf.
