On 2019/04/01 07:01, Claudio Jeker wrote:
> There have been internal discussions about OpenBSD also removing the pf
> packet filter after the upcoming 6.5 release. Instead a switch to
> using David Gwynne's new bpf filter will happen.
> The benefits outweigh the drawbacks and the missing features will be
> readily implemented in time for the 6.6 release.

I think FTP might be a bit of a problem here. It is clearly problematic
with firewalls and CGN; who do we talk to about getting RFC959 obsoleted?
In the meantime we could have an awk script parsing tcpdump output and
reactively updating the bpf filter.

Reply via email to