A short npf note


NetBSD is using/will be using? ‘npf’, a new version of pf similarly-named-but completely-different firewall from pf.  Hubert Feyrer put together a bunch of links talking about it.  I link this because DragonFly is using a version of pf equivalent to what OpenBSD 4.8, and there’s been some discussion of what to do next; it appears FreeBSD and NetBSD are forking off separately from OpenBSD’s version.

Update: npf and pf share 2 letters in the name and nothing else, as Joerg told me – corrected.

Posted by     Categories: BSD, DragonFly     3 Comments
3 Comments on A short npf note

Respond | Trackback

  1. js says:

    npf is not a fork, but a conplete rewrite with multiprocessing being part of its design from the start. It’s basically how of would be if it would have been written today.

  2. js says:

    s/how of/how pf/, sorry.

  3. corey says:

    I think “how pf would be had it been written today” is a bit of a stretch. There are many other aspects of pf besides whether its packet-filtering engine can utilize multiple cores. I don’t believe the OpenBSD pf devs see lack of multicore packet filtering as a big handicap on that platform.

    While running multi-core was a consideration, I suspect the porting effort was one, too, as OpenBSD pf has become more tightly integrated with its kernel.

Respond

Comments

Comments