Discussion:
NPF or PF
(too old to reply)
Alain Aubord
2015-06-09 06:27:10 UTC
Permalink
Hi All,
Could you Please indicate me what are the main differences
between the both packets filters NPF and PF?

Until now I use regularly (under OpenBSD) PF to create
firewalls. What I appreciate particularly with PF is the "overload"
function and the "authpf" shell.

I have not seen any mentions of equivalent functions in NPF.

For what reason does one choose NPF instead PF? Is NPF available
in other system (freebasd, linux)? Is a documentation (beside the man pages)
available describing the use and functionalities of NPF?

Any ideas would be greatly appreciated.

Thank for your help,

Kind regards,

rhino64

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
J. Lewis Muir
2015-06-10 14:45:32 UTC
Permalink
Post by Alain Aubord
Hi All,
Could you Please indicate me what are the main differences between the
both packets filters NPF and PF?
Hi, Alain.

I think the main differences are in the design: NPF was designed from
the ground up to scale well on a multi-core system, and it was designed
to use byte-code processing for protocol independence and flexibility.
Post by Alain Aubord
For what reason does one choose NPF instead PF?
You might choose NPF because of the differences noted above. You also
might choose NPF if you're running NetBSD because it's the "NetBSD
packet filter."
Post by Alain Aubord
Is NPF available in other system (freebasd, linux)?
Not that I know of.
Post by Alain Aubord
Is a documentation (beside the man pages) available describing the use
and functionalities of NPF?
Yes [1][2][3].

Regards,

Lewis

P.S. FYI, the email you sent is messed up; it contains many spaces at
the end of some of the lines.

[1] http://mail-index.netbsd.org/netbsd-announce/2010/09/13/msg000110.html
[2] http://www.netbsd.org/~rmind/npf/
[3] Mindaugas Rasiukevicius, "NPF - progress and perspective,"
https://2014.asiabsdcon.org/papers/abc2014-proc-all.pdf

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
r***@epost.ch
2015-06-11 15:42:31 UTC
Permalink
Hello,
Thank you for the different pointers. By the way,
the proceedings of Asia BSD conf are very
interesting and are worth reading not only for the NPF
contribution.

For the white space at the end of the line, they are due
to a faulty copy/paste. Initially, I have not sent this mail in the correct
list and it was not answered. I have then copied it with the mouse
to resubmit it in tech-net.

When I do that in mutt (running in a terminal), I get sometimes
blank at the end of line. I don't know why. Sorry for the inconvenience.

Kind regards,

Alain
Post by J. Lewis Muir
Post by Alain Aubord
Hi All,
Could you Please indicate me what are the main differences between the
both packets filters NPF and PF?
Hi, Alain.
I think the main differences are in the design: NPF was designed from
the ground up to scale well on a multi-core system, and it was designed
to use byte-code processing for protocol independence and flexibility.
Post by Alain Aubord
For what reason does one choose NPF instead PF?
You might choose NPF because of the differences noted above. You also
might choose NPF if you're running NetBSD because it's the "NetBSD
packet filter."
Post by Alain Aubord
Is NPF available in other system (freebasd, linux)?
Not that I know of.
Post by Alain Aubord
Is a documentation (beside the man pages) available describing the use
and functionalities of NPF?
Yes [1][2][3].
Regards,
Lewis
P.S. FYI, the email you sent is messed up; it contains many spaces at
the end of some of the lines.
[1] http://mail-index.netbsd.org/netbsd-announce/2010/09/13/msg000110.html
[2] http://www.netbsd.org/~rmind/npf/
[3] Mindaugas Rasiukevicius, "NPF - progress and perspective,"
https://2014.asiabsdcon.org/papers/abc2014-proc-all.pdf
--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
matthew sporleder
2015-06-12 15:06:47 UTC
Permalink
Post by r***@epost.ch
Hello,
Thank you for the different pointers. By the way,
the proceedings of Asia BSD conf are very
interesting and are worth reading not only for the NPF
contribution.
For the white space at the end of the line, they are due
to a faulty copy/paste. Initially, I have not sent this mail in the correct
list and it was not answered. I have then copied it with the mouse
to resubmit it in tech-net.
When I do that in mutt (running in a terminal), I get sometimes
blank at the end of line. I don't know why. Sorry for the inconvenience.
(Off topic by a mile)
I have fought the white space thing before.

I normally comes down to a bad termcap relating to the background
erase and color properties.

Basically some terminal programs are emulating the *look* of your
background by coloring blank areas with the same color.
I would try messing around the the color attribute for mutt to say
"default" or try the uncolor/mono configs to see if that fixes it.

---

My issues were vim + screen interactions, mainly.

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Loading...