How to find out which version of PF a given box is using...

Matthew Seaman m.seaman at
Wed Sep 21 07:34:53 UTC 2011

On 21/09/2011 07:34, Modulok wrote:
> Is there an easy way to find out what version of PF a given FreeBSD version is
> using? Currently I'm doing this:
>     grep -iE '\bpf\b' /usr/src/UPDATING
> Just wondering if I'm missing something. I didn't see any '--version'
> flag in pfctl.

Uh -- bpf is a different thing to PF.  bpf is Berkeley Packet Filter
which isn't anything to do with firewalling, but used eg. by tcpdump to
select certain packets from the wire.  As far as I know, bpf doesn't
have a separate version number; it just uses the OS version number.
It's been part of BSD Unices since dinosaurs roamed the earth.

PF is the firewalling code imported from OpenBSD.  Again, it's part of
the base system in OpenBSD so it just uses the OpenBSD version number.
Every so often there will be a new import from OpenBSD -- I believe most
released versions of FreeBSD are using PF from OpenBSD 4.2, but there is
an update to OpenBSD 4.mumble in the works for the upcoming FreeBSD 9.0
release.  You'ld have to check the commit history in CVS or SVN to be sure.



Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP:     Ramsgate
JID: matthew at               Kent, CT11 9PW

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 267 bytes
Desc: OpenPGP digital signature
Url :

More information about the freebsd-questions mailing list