PF bugs
Stan Gammons
s_gammons at charter.net
Sat Jun 22 03:30:17 UTC 2013
On Fri, 2013-06-21 at 21:44 -0500, Chris Buechler wrote:
> pf is actively developed and maintained on FreeBSD, and widely used.
> The PRs that are open are largely ages old, no longer relevant and
> need to be cleaned up, or were bunk to begin with. There aren't really
> that many open either considering, every component of any widely used
> OS has open bugs. That's not indicative of anything in itself
> generally. FreeBSD+pf is the base of a significant number of
> firewalls, 180,000+ known live systems on pfSense alone (though that's
> not quite stock FreeBSD pf, it's close), and many others.
Ok. I wish PF on FreeBSD and OpenBSD were in sync.
Yes, pfSense is pretty close and has a lot of great features.
> In what regard? What are you looking for that doesn't exist?
Well, I've tinkered with hatchet some on OpenBSD and it's Ok. It seems
as though the tcpdump output on OpenBSD is different than FreeBSD too.
But I'm looking for something that can process the tcpdump log from PF
on either BSD more like what Lire (logreport) does with syslog, snort,
postfix, etc logs. Perhaps something like that exist and I'm just
unaware of it.
Stan
More information about the freebsd-pf
mailing list