Discussion:
NPF documentation
(too old to reply)
Loganaden Velvindron
2013-03-10 18:10:35 UTC
Permalink
Hi,

I've looked over NPF and sent some a bug report a while ago.

The last time I tried to load a ruleset, it rebooted my netbsd-current box.

I was hoping to see a less volatile -current so that interested users
can experiment with NPF.

I'm curious as to the stability of NPF. Would you recommend it for
production use ?

Also, I'd like to hear about users who deployed it in production environment.


On Sun, Mar 10, 2013 at 9:41 PM, Mindaugas Rasiukevicius
Hello,
As those of you tracking source changes may have already noticed, there
have been various improvements to NPF over the last few months (e.g. support
for dynamic NPF rules). NetBSD 6.1 has recently entered Release Candidate
stage, therefore wider testing would be more than welcome!
http://www.netbsd.org/~rmind/npf/
Hopefully, over the time, it will expand. There is a read-only GIT
repository you can clone.
Thanks.
P.S. There is a potential GSoC 2013 project for NPF, see projects page
in the Wiki!
--
Mindaugas
--
Brightest day,
Blackest night,
No bug shall escape my sight,
And those who worship evil's mind,
be wary of my powers,
puffy lantern's light !

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Mindaugas Rasiukevicius
2013-03-10 19:06:04 UTC
Permalink
Post by Loganaden Velvindron
I've looked over NPF and sent some a bug report a while ago.
The last time I tried to load a ruleset, it rebooted my netbsd-current box.
I was hoping to see a less volatile -current so that interested users
can experiment with NPF.
That was fixed many months ago. A lot has changed since.
--
Mindaugas

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Waitman Gobble
2013-03-11 04:51:46 UTC
Permalink
http://www.netbsd.org/~rmind/npf/#_report_a_bug
Thanks.
--
Mindaugas
Yes, thank you. I did notice that I had the npf pseudo device commented out of my Kernel configuration, the existence of /dev/npf made me think I had it in there. Perhaps this is cause of the problem. I'll check it out.
--
Waitman Gobble
San Jose California USA
Hugo Silva
2013-03-14 15:22:35 UTC
Permalink
Hello,
As those of you tracking source changes may have already noticed, there
have been various improvements to NPF over the last few months (e.g. support
for dynamic NPF rules). NetBSD 6.1 has recently entered Release Candidate
stage, therefore wider testing would be more than welcome!
http://www.netbsd.org/~rmind/npf/
Hopefully, over the time, it will expand. There is a read-only GIT
repository you can clone.
Thanks.
P.S. There is a potential GSoC 2013 project for NPF, see projects page
in the Wiki!
The documentation is really nice and I am using npf in production on
several 6.0/6.0.1/6.1_RC1 virtual machines.

It's looking good! I didn't know about the dynamic rules feature, that's
pretty cool

Incidentally, are there any plans to log to a file (a la pflogd) and is
there an equivalent pftop utility that can be used to inspect the
firewall state?



--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Loading...