On 4/1/19 9:03 AM, Kevin Chadwick wrote:
On 4/1/19 3:18 PM, Mateusz Guzik wrote:
While I support pf removal, I don't think bpf is the way to go.
FreeBSD just removed their pf [1] so the code is up for grabs and you
can import it with one weird trick.
[1] https://lists.freebsd.org/pipermail/svn-src-projects/2019-April/013336.html
lol, did you read the link that you posted
"pf in FreeBSD lags years behind OpenBSD's pf. Remove it. Users are advised to
migrate to ipf."
Why would they replace new pf with old or are you trying to suggest ipf instead
of bpf?
Realistically, we need to move to the one true firewall-- iptables!
Ideally, OpenBSD needs a firewall thats 'web scale' that can be
administered from a PHP web based frontend that uses JSON message
passing for clustering and failover.