I continue to use pf and not npf because: 1) I couldn't get std rulesets to seem to work (been a while though); 2) no port redirection; 3) dynamic ruleset use didn't appear to be adequate; 4) greylisting (not just email) for custom stuff that I can't see how to support in npf; 5) it needs far more documentation and help than I have seen.
I would like to move to npf as some future features look nice (SYN floods, DoS attacks, etc.). However, in addition to std rulesets, etc., I use log followers to block attacks. While not the main security, they really help hold down traffic, etc., and I'm not anywhere near willing to give them up. I tried using blacklistd but never could get it to work (also been a while).

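The "log follower" pattern the post describes (a script watching a log and feeding offending addresses into a dynamic pf table, alongside a static rdr rule) looks roughly like the following. This is an added illustration, not the poster's script or anything from the pf/npf projects; the table name `badhosts`, the threshold, the `ext_if` macro and the sample log lines are all assumptions constructed for the example, and the pf.conf fragment in the comment uses the older (NetBSD-era) pf syntax.

```shell
#!/bin/sh
# Hypothetical pf log follower (example, not from the original post).
# The matching pf.conf fragment it assumes (old-style pf syntax):
#   table <badhosts> persist
#   block in quick on $ext_if from <badhosts> to any
#   rdr on $ext_if proto tcp from any to any port 8080 -> 127.0.0.1 port 80
# Addresses added to <badhosts> take effect immediately without a reload.

THRESHOLD="${THRESHOLD:-3}"   # failed logins before an address is blocked (assumed)
TABLE="${TABLE:-badhosts}"    # pf table name (assumed)

# offenders: read sshd "Failed password ... from <ip>" lines on stdin and
# print, sorted, each source address seen THRESHOLD or more times.
offenders() {
    awk -v t="$THRESHOLD" '
        /sshd\[[0-9]+\]: Failed password/ {
            for (i = 1; i <= NF; i++) if ($i == "from") { n[$(i+1)]++; break }
        }
        END { for (ip in n) if (n[ip] >= t) print ip }
    ' | sort
}

# block_offenders: push every address from offenders into the pf table.
# DRY_RUN=1 (the default, so this file is safe to run on any host) only
# prints the pfctl command; DRY_RUN=0 actually calls pfctl.
block_offenders() {
    offenders | while read -r ip; do
        if [ "${DRY_RUN:-1}" = 1 ]; then
            echo "pfctl -t $TABLE -T add $ip"
        else
            pfctl -t "$TABLE" -T add "$ip"
        fi
    done
}

# Constructed sample log lines (documentation addresses, not a real system).
SAMPLE='Jan  1 00:00:01 gw sshd[101]: Failed password for root from 192.0.2.10 port 4000 ssh2
Jan  1 00:00:02 gw sshd[102]: Failed password for invalid user admin from 192.0.2.10 port 4001 ssh2
Jan  1 00:00:03 gw sshd[103]: Accepted publickey for alice from 198.51.100.5 port 5000 ssh2
Jan  1 00:00:04 gw sshd[104]: Failed password for root from 192.0.2.10 port 4002 ssh2
Jan  1 00:00:05 gw sshd[105]: Failed password for root from 203.0.113.7 port 4003 ssh2'

# Live usage would be:  tail -F /var/log/authlog | DRY_RUN=0 ./follower.sh
# Here the constructed sample is fed through in dry-run mode instead.
printf '%s\n' "$SAMPLE" | block_offenders
```

Only the repeat offender (three failures) is emitted; a single failure and the successful publickey login are ignored. Because the script adds to a `persist` table rather than rewriting rules, it never has to reload the ruleset, which is the property the post's "dynamic ruleset use" depends on.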