does (can?) freebsd-pf 'support' OSX?

OpenMacNews freebsd-pf.20.openmacnews at
Mon Sep 20 14:06:25 PDT 2004

hi all,

i've a couple of old macs i'd like to turn into useful gateway/firewall boxes.

they're running MacOSX 10.3.5 just fine.

but, with OSX, i'm stuck with ipfw -- v1, no less!

if my goal is a decent firewall, i understand my options to be pf & iptables.

to get to either, i can, of course, fight to get the openbsd, netbsd, freebsd, YelloDogLinux and/or Debian ports running on the box ... but given the h/w upgrades i have (ATA card, CPU upgrade) it doesn't look good.

soooooo, my QUESTION to y'all:

as OSX "shares" underpinnings with FreeBSD -- some go so far as to say "built on", but i get lost in the Mach vs FreeBSD core discussions -- I'm wondering if it's (a) currently possible, or (b) what would it take to get the freebsd-pf port up/running on OSX?

is is a forgone conclusion that pf is/must be built in to the kernel?  or can it be built as an extension to OSX?

i simply am too green to know/understand the answer at this point, and would appreciate any/all pointers/comments/etc.  =)

fwiw, i've raised this issue on the Darwin kernel & developer lists a number of times over the past months-n-years to no avail ...

the best i ever got was a "we're looking at firewalls" from someone, and the leaning, at that time, was towards ipfw2.

bottom line?  how can i get pf running on OSX?



