On Sep 30, 2024, at 4:33 AM, Sad Clouds <cryintotheblue...@gmail.com> wrote: > > Solaris 11.3 ported OpenBSD pf packet filter and I've seen some performance > tests from FreeBSD devs where it supposedly has much better performance > compared to ipf. I wonder if Illumos devs have plans to do something > similar...
That's a big forklift upgrade. Nobody in the community has the cycles, or the pressing-need, to perform that, no matter how good of an idea it may be. I personally think we should decouple NAT and Firewalling. And I believe Oxide has OPTE in their suite of software that may perform some of those NAT functions, along with possibly solving other adjacent problems. (I haven't given OPTE a proper read; just a README skim.) Dan ------------------------------------------ illumos: illumos-discuss Permalink: https://illumos.topicbox.com/groups/discuss/T9d062e0103867ec4-Me679973dc0f1c3bfcaabc2c9 Delivery options: https://illumos.topicbox.com/groups/discuss/subscription
