[pf4freebsd] Re: [OT] FreeBSD/PF for Darwin/OSX?

pf-r at solarflux.org pf-r at solarflux.org
Wed Sep 15 21:01:17 PDT 2004 

I guess Chris didn't 'reply-all'; thanks, though for the detailed info!

----- Forwarded message from "Christopher D. Lewis" <Lewis at Alumni.Duke.edu>
-----
    Date: Fri, 13 Feb 2004 08:12:22 -0600
    From: "Christopher D. Lewis" <Lewis at Alumni.Duke.edu>
Reply-To: "Christopher D. Lewis" <Lewis at Alumni.Duke.edu>
 Subject: Re: [pf4freebsd] Re: [OT] FreeBSD/PF for Darwin/OSX?
      To: "pf-r at solarflux.org" <pf-r at solarflux.org>


On Feb 13, 2004, at 6:50 AM, pf-r at solarflux.org wrote:

> OS X is based on the mach (micro)kernel, I believe.  I'm all for 
> having pf
> ported over to OS X!

MacOS X is the combination of the Darwin operating system 
<http://www.opendarwin.org> and Apple's proprietary additions 
(principally APIs and user interface).  The Darwin kernel places in one 
address space a hybrid mach microkernel and FreeBSD-derived kernel, 
with mach handling IPC and scheduling and BSD handling the *nix system 
calls expected to be supported by a *nix operating system.  Apple has 
not prioritized firewalling, and until recently hasn't shipped hardware 
which would make serious firewallers especially interested.  The 
Darwin/MacOS X firewall, the ipfw obtained from the last FreeBSD synch, 
is contained in a loadable kernel module called a .kext (kernel 
extension). (the kernel extension is located at 
/System/Library/Extensions/IPFirewall.kext and the source should be at 
opendarwin.org)

> BTW, I've updated the pf-r with some new content; mainly the latest 
> version of
> pf-freebsd, a 'fresh' section at the top for news, some new tools 
> (including
> Hatchet)...  I'm going to go over the examples again soon and try to 
> better
> categorize them (grouping by features, if possible).

Efforts to get pf working on MacOS X would be greatly appreciated by 
some users, and making sure it fits into a separate .kext would allow 
selection of which firewall tool to load at boot time.

Best regards,
	Chris


----- End forwarded message -----

More information about the freebsd-pf mailing list