Updating our translation functionality
J.R. Oldroyd
fbsd at opal.com
Thu Feb 27 09:08:53 UTC 2020
Hi,
I read back and found the thread last August "Update to PF from OpenBSD
6.5".
I was going to ask the same thing but, given the complexities discussed
in the responses there, perhaps the question should be asked a different
way round.
How much work would it be to add in OpenBSD's latest translation
functionality to our implementation?
OpenBSD's pf has new translation functionality, specifically nat64
support using the "af-to" syntax. At the same time, existing
translation syntax was changed with the nat, binat and rdr rule
syntax changing to "pass ... nat-to ..." etc.
I think it is good that we are still called "pf" here and that we do try
to maintain compatibility with other pf implementations. So, we should
consider adding the new translation functionality to our implementation.
Understood that this means requiring changes to existing pf.conf
configurations but these can be documented with examples and announced
in advance.
How big of a project would this be?
-jr
More information about the freebsd-pf
mailing list