afa2f73a31
Updated to OpenBSD 3.7 pf: * Support limiting TCP connections by establishment rate, automatically adding flooding IP addresses to tables and flushing states (max-src-conn-rate, overload <table>, flush global). * Improved functionality of tags (tag and tagged for translation rules, tagging of all packets matching state entries). * Improved diagnostics (error messages and additional counters from pfctl -si). * New keyword set skip on to skip filtering on arbitrary interfaces, like loopback. * Several bugfixes improving stability. ALTQ is now also supported by using the option 'altq', see the homepage for information about how to apply the kernel patch. Approved by: Thomas Klausner <wiz@NetBSD.org>
9 lines
431 B
Text
9 lines
431 B
Text
Packet Filter (from here on referred to as PF) is OpenBSD's system for
|
|
filtering TCP/IP traffic and doing Network Address Translation. PF is also
|
|
capable of normalizing and conditioning TCP/IP traffic.
|
|
|
|
PF was originally developed by Daniel Hartmeier and is now maintained and
|
|
developed by Daniel and the rest of the OpenBSD team.
|
|
|
|
This package includes a complete port (LKM and userland utilities) from
|
|
OpenBSD 3.7 to NetBSD 2.0.
|