Module Name: src
Committed By: maxv
Date: Wed Aug 1 16:59:10 UTC 2018
Modified Files:
src/sys/arch/amd64/conf: GENERIC XEN3_DOM0 XEN3_DOMU
src/sys/arch/i386/conf: GENERIC GENERIC_PS2TINY GENERIC_TINY
INSTALL_FLOPPY INSTALL_TINY NET4501 XEN3PAE_DOM0 XEN3PAE_DOMU
Log Message:
Unreference IPF/PF from the x86 config files (amd64, i386, xen), and enable
NPF instead when wanted.
To generate a diff of this commit:
cvs rdiff -u -r1.497 -r1.498 src/sys/arch/amd64/conf/GENERIC
cvs rdiff -u -r1.153 -r1.154 src/sys/arch/amd64/conf/XEN3_DOM0
cvs rdiff -u -r1.85 -r1.86 src/sys/arch/amd64/conf/XEN3_DOMU
cvs rdiff -u -r1.1184 -r1.1185 src/sys/arch/i386/conf/GENERIC
cvs rdiff -u -r1.79 -r1.80 src/sys/arch/i386/conf/GENERIC_PS2TINY
cvs rdiff -u -r1.157 -r1.158 src/sys/arch/i386/conf/GENERIC_TINY
cvs rdiff -u -r1.43 -r1.44 src/sys/arch/i386/conf/INSTALL_FLOPPY
cvs rdiff -u -r1.156 -r1.157 src/sys/arch/i386/conf/INSTALL_TINY
cvs rdiff -u -r1.101 -r1.102 src/sys/arch/i386/conf/NET4501
cvs rdiff -u -r1.2 -r1.3 src/sys/arch/i386/conf/XEN3PAE_DOM0
cvs rdiff -u -r1.3 -r1.4 src/sys/arch/i386/conf/XEN3PAE_DOMU
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/arch/amd64/conf/GENERIC
diff -u src/sys/arch/amd64/conf/GENERIC:1.497 src/sys/arch/amd64/conf/GENERIC:1.498
--- src/sys/arch/amd64/conf/GENERIC:1.497 Tue Jul 31 16:44:29 2018
+++ src/sys/arch/amd64/conf/GENERIC Wed Aug 1 16:59:09 2018
@@ -1,4 +1,4 @@
-# $NetBSD: GENERIC,v 1.497 2018/07/31 16:44:29 khorben Exp $
+# $NetBSD: GENERIC,v 1.498 2018/08/01 16:59:09 maxv Exp $
#
# GENERIC machine description file
#
@@ -22,7 +22,7 @@ include "arch/amd64/conf/std.amd64"
options INCLUDE_CONFIG_FILE # embed config file in kernel binary
-#ident "GENERIC-$Revision: 1.497 $"
+#ident "GENERIC-$Revision: 1.498 $"
maxusers 64 # estimated number of users
@@ -201,10 +201,6 @@ options NETATALK # AppleTalk networking
options PPP_BSDCOMP # BSD-Compress compression support for PPP
options PPP_DEFLATE # Deflate compression support for PPP
options PPP_FILTER # Active filter support for PPP (requires bpf)
-options IPFILTER_LOG # ipmon(8) log support
-options IPFILTER_LOOKUP # ippool(8) support
-options IPFILTER_COMPAT # Compat for IP-Filter
-#options IPFILTER_DEFAULT_BLOCK # block all packets by default
#options TCP_DEBUG # Record last TCP_NDEBUG packets with SO_DEBUG
#options TCP_SIGNATURE # Enable RFC-2385 TCP md5 signatures
@@ -1286,7 +1282,6 @@ options VND_COMPRESSION # compressed v
# network pseudo-devices
pseudo-device bpfilter # Berkeley packet filter
#pseudo-device carp # Common Address Redundancy Protocol
-pseudo-device ipfilter # IP filter (firewall) and NAT
pseudo-device loop # network loopback
#pseudo-device mpls # MPLS pseudo-interface
pseudo-device ppp # Point-to-Point Protocol
@@ -1307,10 +1302,7 @@ pseudo-device bridge # simple inter-ne
pseudo-device agr # IEEE 802.3ad link aggregation
pseudo-device l2tp # L2TPv3 interface
#pseudo-device etherip # Tunnel Ethernet over IP
-#pseudo-device pf # PF packet filter
-#pseudo-device pflog # PF log if
-#pseudo-device pfsync # PF sync if
-#pseudo-device npf # NPF packet filter
+pseudo-device npf # NPF packet filter
#pseudo-device canloop # CAN loopback interface
Index: src/sys/arch/amd64/conf/XEN3_DOM0
diff -u src/sys/arch/amd64/conf/XEN3_DOM0:1.153 src/sys/arch/amd64/conf/XEN3_DOM0:1.154
--- src/sys/arch/amd64/conf/XEN3_DOM0:1.153 Sat Jun 23 14:14:42 2018
+++ src/sys/arch/amd64/conf/XEN3_DOM0 Wed Aug 1 16:59:09 2018
@@ -1,4 +1,4 @@
-# $NetBSD: XEN3_DOM0,v 1.153 2018/06/23 14:14:42 jakllsch Exp $
+# $NetBSD: XEN3_DOM0,v 1.154 2018/08/01 16:59:09 maxv Exp $
include "arch/amd64/conf/std.xen"
@@ -10,7 +10,7 @@ options INCLUDE_CONFIG_FILE # embed con
#options UVMHIST_PRINT
#options SYSCALL_DEBUG
-#ident "XEN3_DOM0-$Revision: 1.153 $"
+#ident "XEN3_DOM0-$Revision: 1.154 $"
maxusers 32 # estimated number of users
@@ -131,9 +131,6 @@ options NETATALK # AppleTalk networking
options PPP_BSDCOMP # BSD-Compress compression support for PPP
options PPP_DEFLATE # Deflate compression support for PPP
options PPP_FILTER # Active filter support for PPP (requires bpf)
-options IPFILTER_LOG # ipmon(8) log support
-options IPFILTER_LOOKUP # ippool(8) support
-#options IPFILTER_DEFAULT_BLOCK # block all packets by default
#options TCP_DEBUG # Record last TCP_NDEBUG packets with SO_DEBUG
#options ALTQ # Manipulate network interfaces' output queues
@@ -861,7 +858,6 @@ pseudo-device dm # device-mapper drive
# network pseudo-devices
pseudo-device bpfilter # Berkeley packet filter
-pseudo-device ipfilter # IP filter (firewall) and NAT
pseudo-device loop # network loopback
pseudo-device ppp # Point-to-Point Protocol
pseudo-device pppoe # PPP over Ethernet (RFC 2516)
@@ -875,10 +871,7 @@ pseudo-device stf # 6to4 IPv6 over IPv
pseudo-device vlan # IEEE 802.1q encapsulation
pseudo-device bridge # simple inter-network bridging
#options BRIDGE_IPF # bridge uses IP/IPv6 pfil hooks too
-#pseudo-device pf # PF packet filter
-#pseudo-device pflog # PF log if
-#pseudo-device pfsync # PF sync if
-#pseudo-device npf # NPF packet filter
+pseudo-device npf # NPF packet filter
# miscellaneous pseudo-devices
pseudo-device pty # pseudo-terminals
Index: src/sys/arch/amd64/conf/XEN3_DOMU
diff -u src/sys/arch/amd64/conf/XEN3_DOMU:1.85 src/sys/arch/amd64/conf/XEN3_DOMU:1.86
--- src/sys/arch/amd64/conf/XEN3_DOMU:1.85 Tue Jul 17 10:18:32 2018
+++ src/sys/arch/amd64/conf/XEN3_DOMU Wed Aug 1 16:59:09 2018
@@ -1,4 +1,4 @@
-# $NetBSD: XEN3_DOMU,v 1.85 2018/07/17 10:18:32 bouyer Exp $
+# $NetBSD: XEN3_DOMU,v 1.86 2018/08/01 16:59:09 maxv Exp $
include "arch/amd64/conf/std.xen"
@@ -10,7 +10,7 @@ options INCLUDE_CONFIG_FILE # embed con
#options UVMHIST_PRINT
#options SYSCALL_DEBUG
-#ident "XEN3_DOMU-$Revision: 1.85 $"
+#ident "XEN3_DOMU-$Revision: 1.86 $"
maxusers 32 # estimated number of users
@@ -123,10 +123,6 @@ options NETATALK # AppleTalk networking
options PPP_BSDCOMP # BSD-Compress compression support for PPP
options PPP_DEFLATE # Deflate compression support for PPP
options PPP_FILTER # Active filter support for PPP (requires bpf)
-options IPFILTER_LOG # ipmon(8) log support
-options IPFILTER_LOOKUP # ippool(8) support
-options IPFILTER_COMPAT # Compat for IP-Filter
-#options IPFILTER_DEFAULT_BLOCK # block all packets by default
#options TCP_DEBUG # Record last TCP_NDEBUG packets with SO_DEBUG
#options ALTQ # Manipulate network interfaces' output queues
@@ -207,7 +203,6 @@ pseudo-device dm # device-mapper drive
# network pseudo-devices
pseudo-device bpfilter # Berkeley packet filter
#pseudo-device carp # Common Address Redundancy Protocol
-pseudo-device ipfilter # IP filter (firewall) and NAT
pseudo-device loop # network loopback
#pseudo-device mpls # MPLS pseudo-interface
pseudo-device ppp # Point-to-Point Protocol
@@ -222,10 +217,7 @@ pseudo-device stf # 6to4 IPv6 over IPv
pseudo-device vlan # IEEE 802.1q encapsulation
pseudo-device bridge # simple inter-network bridging
#options BRIDGE_IPF # bridge uses IP/IPv6 pfil hooks too
-#pseudo-device pf # PF packet filter
-#pseudo-device pflog # PF log if
-#pseudo-device pfsync # PF sync if
-#pseudo-device npf # NPF packet filter
+pseudo-device npf # NPF packet filter
options PAX_MPROTECT=1 # PaX mprotect(2) restrictions
options PAX_ASLR=1 # PaX Address Space Layout Randomization
Index: src/sys/arch/i386/conf/GENERIC
diff -u src/sys/arch/i386/conf/GENERIC:1.1184 src/sys/arch/i386/conf/GENERIC:1.1185
--- src/sys/arch/i386/conf/GENERIC:1.1184 Tue Jul 31 16:44:29 2018
+++ src/sys/arch/i386/conf/GENERIC Wed Aug 1 16:59:09 2018
@@ -1,4 +1,4 @@
-# $NetBSD: GENERIC,v 1.1184 2018/07/31 16:44:29 khorben Exp $
+# $NetBSD: GENERIC,v 1.1185 2018/08/01 16:59:09 maxv Exp $
#
# GENERIC machine description file
#
@@ -22,7 +22,7 @@ include "arch/i386/conf/std.i386"
options INCLUDE_CONFIG_FILE # embed config file in kernel binary
-#ident "GENERIC-$Revision: 1.1184 $"
+#ident "GENERIC-$Revision: 1.1185 $"
maxusers 64 # estimated number of users
@@ -194,10 +194,6 @@ options NETATALK # AppleTalk networking
#options PPP_BSDCOMP # BSD-Compress compression support for PPP
#options PPP_DEFLATE # Deflate compression support for PPP
options PPP_FILTER # Active filter support for PPP (requires bpf)
-options IPFILTER_LOG # ipmon(8) log support
-options IPFILTER_LOOKUP # ippool(8) support
-options IPFILTER_COMPAT # Compat for IP-Filter
-#options IPFILTER_DEFAULT_BLOCK # block all packets by default
#options TCP_DEBUG # Record last TCP_NDEBUG packets with SO_DEBUG
#options ALTQ # Manipulate network interfaces' output queues
@@ -1653,7 +1649,6 @@ options VND_COMPRESSION # compressed v
# network pseudo-devices
pseudo-device bpfilter # Berkeley packet filter
#pseudo-device carp # Common Address Redundancy Protocol
-pseudo-device ipfilter # IP filter (firewall) and NAT
pseudo-device loop # network loopback
#pseudo-device mpls # MPLS pseudo-interface
pseudo-device ppp # Point-to-Point Protocol
@@ -1672,10 +1667,7 @@ pseudo-device vlan # IEEE 802.1q encap
pseudo-device bridge # simple inter-network bridging
#options BRIDGE_IPF # bridge uses IP/IPv6 pfil hooks too
pseudo-device agr # IEEE 802.3ad link aggregation
-#pseudo-device pf # PF packet filter
-#pseudo-device pflog # PF log if
-#pseudo-device pfsync # PF sync if
-#pseudo-device npf # NPF packet filter
+pseudo-device npf # NPF packet filter
#pseudo-device etherip # Tunnel Ethernet over IP
# srt is EXPERIMENTAL
#pseudo-device srt # source-address-based routing
Index: src/sys/arch/i386/conf/GENERIC_PS2TINY
diff -u src/sys/arch/i386/conf/GENERIC_PS2TINY:1.79 src/sys/arch/i386/conf/GENERIC_PS2TINY:1.80
--- src/sys/arch/i386/conf/GENERIC_PS2TINY:1.79 Mon Nov 6 02:57:18 2017
+++ src/sys/arch/i386/conf/GENERIC_PS2TINY Wed Aug 1 16:59:09 2018
@@ -1,4 +1,4 @@
-# $NetBSD: GENERIC_PS2TINY,v 1.79 2017/11/06 02:57:18 rin Exp $
+# $NetBSD: GENERIC_PS2TINY,v 1.80 2018/08/01 16:59:09 maxv Exp $
#
# GENERIC-style kernel config for IBM PS/2 with MCA bus. It only contains
# IBM PS/2 related stuff and has been generally trimmed down somewhat,
@@ -105,9 +105,6 @@ options INET6 # IPv6
#options PPP_BSDCOMP # BSD-Compress compression support for PPP
#options PPP_DEFLATE # Deflate compression support for PPP
#options PPP_FILTER # Active filter support for PPP (requires bpf)
-#options IPFILTER_LOG # ipmon(8) log support
-#options IPFILTER_LOOKUP # ippool(8) support
-#options IPFILTER_DEFAULT_BLOCK # block all packets by default
#options TCP_DEBUG # Record last TCP_NDEBUG packets with SO_DEBUG
#options ALTQ # Manipulate network interfaces' output queues
Index: src/sys/arch/i386/conf/GENERIC_TINY
diff -u src/sys/arch/i386/conf/GENERIC_TINY:1.157 src/sys/arch/i386/conf/GENERIC_TINY:1.158
--- src/sys/arch/i386/conf/GENERIC_TINY:1.157 Mon Nov 6 02:57:18 2017
+++ src/sys/arch/i386/conf/GENERIC_TINY Wed Aug 1 16:59:09 2018
@@ -1,4 +1,4 @@
-# $NetBSD: GENERIC_TINY,v 1.157 2017/11/06 02:57:18 rin Exp $
+# $NetBSD: GENERIC_TINY,v 1.158 2018/08/01 16:59:09 maxv Exp $
#
# GENERIC_TINY -- suitable default for 4M machines
# No EISA, PCI, or SCSI.
@@ -98,10 +98,6 @@ options INET # IP + ICMP + TCP + UDP
#options PPP_BSDCOMP # BSD-Compress compression support for PPP
#options PPP_DEFLATE # Deflate compression support for PPP
#options PPP_FILTER # Active filter support for PPP (requires bpf)
-#options IPFILTER_LOG # ipmon(8) log support
-#options IPFILTER_LOOKUP # ippool(8) support
-options IPFILTER_COMPAT # Compat for IP-Filter
-#options IPFILTER_DEFAULT_BLOCK # block all packets by default
#options TCP_DEBUG # Record last TCP_NDEBUG packets with SO_DEBUG
#options ALTQ # Manipulate network interfaces' output queues
@@ -523,7 +519,7 @@ pseudo-device vnd # disk-like interfac
# network pseudo-devices
pseudo-device bpfilter # Berkeley packet filter
pseudo-device bridge # simple inter-network bridging
-pseudo-device ipfilter # IP filter (firewall) and NAT
+pseudo-device npf # NPF packet filter
pseudo-device loop # network loopback
pseudo-device ppp # Point-to-Point Protocol
pseudo-device pppoe # PPP over Ethernet (RFC 2516)
Index: src/sys/arch/i386/conf/INSTALL_FLOPPY
diff -u src/sys/arch/i386/conf/INSTALL_FLOPPY:1.43 src/sys/arch/i386/conf/INSTALL_FLOPPY:1.44
--- src/sys/arch/i386/conf/INSTALL_FLOPPY:1.43 Mon Nov 6 02:57:18 2017
+++ src/sys/arch/i386/conf/INSTALL_FLOPPY Wed Aug 1 16:59:09 2018
@@ -1,4 +1,4 @@
-# $NetBSD: INSTALL_FLOPPY,v 1.43 2017/11/06 02:57:18 rin Exp $
+# $NetBSD: INSTALL_FLOPPY,v 1.44 2018/08/01 16:59:09 maxv Exp $
#
# INSTALL - Installation kernel.
#
@@ -743,7 +743,6 @@ pseudo-device md # memory disk device
# network pseudo-devices
pseudo-device bpfilter # Berkeley packet filter
-#pseudo-device ipfilter # IP filter (firewall) and NAT
pseudo-device loop # network loopback
#pseudo-device ppp # Point-to-Point Protocol
pseudo-device sl # Serial Line IP
Index: src/sys/arch/i386/conf/INSTALL_TINY
diff -u src/sys/arch/i386/conf/INSTALL_TINY:1.156 src/sys/arch/i386/conf/INSTALL_TINY:1.157
--- src/sys/arch/i386/conf/INSTALL_TINY:1.156 Mon Nov 6 02:57:18 2017
+++ src/sys/arch/i386/conf/INSTALL_TINY Wed Aug 1 16:59:10 2018
@@ -1,4 +1,4 @@
-# $NetBSD: INSTALL_TINY,v 1.156 2017/11/06 02:57:18 rin Exp $
+# $NetBSD: INSTALL_TINY,v 1.157 2018/08/01 16:59:10 maxv Exp $
#
# This kernel should be derived from INSTALL (which is derived
# from GENERIC) with some features commented out.
@@ -485,7 +485,6 @@ pseudo-device md # memory disk device
# network pseudo-devices
#pseudo-device bpfilter # Berkeley packet filter
-#pseudo-device ipfilter # IP filter (firewall) and NAT
pseudo-device loop # network loopback
#pseudo-device ppp # Point-to-Point Protocol
#pseudo-device sl # Serial Line IP
Index: src/sys/arch/i386/conf/NET4501
diff -u src/sys/arch/i386/conf/NET4501:1.101 src/sys/arch/i386/conf/NET4501:1.102
--- src/sys/arch/i386/conf/NET4501:1.101 Fri Jul 13 09:37:32 2018
+++ src/sys/arch/i386/conf/NET4501 Wed Aug 1 16:59:10 2018
@@ -1,4 +1,4 @@
-# $NetBSD: NET4501,v 1.101 2018/07/13 09:37:32 maxv Exp $
+# $NetBSD: NET4501,v 1.102 2018/08/01 16:59:10 maxv Exp $
#
# NET4501 -- kernel configuration for a Soekris Engineering net4501
# single-board computer.
@@ -10,7 +10,7 @@ include "arch/i386/conf/std.i386"
#options INCLUDE_CONFIG_FILE # embed config file in kernel binary
-#ident "NET4501-$Revision: 1.101 $"
+#ident "NET4501-$Revision: 1.102 $"
maxusers 32 # estimated number of users
@@ -124,8 +124,6 @@ options PIM # Protocol Independent Mul
#options PPP_BSDCOMP # BSD-Compress compression support for PPP
#options PPP_DEFLATE # Deflate compression support for PPP
#options PPP_FILTER # Active filter support for PPP (requires bpf)
-#options IPFILTER_LOG # ipmon(8) log support
-#options IPFILTER_LOOKUP # ippool(8) support
#options TCP_DEBUG # Record last TCP_NDEBUG packets with SO_DEBUG
# These options enable verbose messages for several subsystems.
@@ -241,7 +239,7 @@ pseudo-device crypto # opencrypto fram
# network pseudo-devices
pseudo-device bpfilter # Berkeley packet filter
-pseudo-device ipfilter # IP filter (firewall) and NAT
+pseudo-device npf # NPF packet filter
pseudo-device loop # network loopback
pseudo-device ppp # Point-to-Point Protocol
pseudo-device pppoe # PPP over Ethernet (RFC 2516)
Index: src/sys/arch/i386/conf/XEN3PAE_DOM0
diff -u src/sys/arch/i386/conf/XEN3PAE_DOM0:1.2 src/sys/arch/i386/conf/XEN3PAE_DOM0:1.3
--- src/sys/arch/i386/conf/XEN3PAE_DOM0:1.2 Thu Jul 26 16:22:49 2018
+++ src/sys/arch/i386/conf/XEN3PAE_DOM0 Wed Aug 1 16:59:10 2018
@@ -1,4 +1,4 @@
-# $NetBSD: XEN3PAE_DOM0,v 1.2 2018/07/26 16:22:49 maxv Exp $
+# $NetBSD: XEN3PAE_DOM0,v 1.3 2018/08/01 16:59:10 maxv Exp $
#
# XEN3_0: Xen 3.0 domain0 kernel
@@ -142,9 +142,6 @@ options NETATALK # AppleTalk networking
options PPP_BSDCOMP # BSD-Compress compression support for PPP
options PPP_DEFLATE # Deflate compression support for PPP
options PPP_FILTER # Active filter support for PPP (requires bpf)
-options IPFILTER_LOG # ipmon(8) log support
-options IPFILTER_LOOKUP # ippool(8) support
-#options IPFILTER_DEFAULT_BLOCK # block all packets by default
#options TCP_DEBUG # Record last TCP_NDEBUG packets with SO_DEBUG
#options ALTQ # Manipulate network interfaces' output queues
@@ -818,7 +815,6 @@ pseudo-device dm # device-mapper drive
# network pseudo-devices
pseudo-device bpfilter # Berkeley packet filter
-pseudo-device ipfilter # IP filter (firewall) and NAT
pseudo-device loop # network loopback
pseudo-device ppp # Point-to-Point Protocol
pseudo-device pppoe # PPP over Ethernet (RFC 2516)
@@ -834,10 +830,7 @@ pseudo-device stf # 6to4 IPv6 over IPv
pseudo-device vlan # IEEE 802.1q encapsulation
pseudo-device bridge # simple inter-network bridging
#options BRIDGE_IPF # bridge uses IP/IPv6 pfil hooks too
-#pseudo-device pf # PF packet filter
-#pseudo-device pflog # PF log if
-#pseudo-device pfsync # PF sync if
-#pseudo-device npf # NPF packet filter
+pseudo-device npf # NPF packet filter
# accept filters
pseudo-device accf_data # "dataready" accept filter
Index: src/sys/arch/i386/conf/XEN3PAE_DOMU
diff -u src/sys/arch/i386/conf/XEN3PAE_DOMU:1.3 src/sys/arch/i386/conf/XEN3PAE_DOMU:1.4
--- src/sys/arch/i386/conf/XEN3PAE_DOMU:1.3 Thu Jul 26 16:22:49 2018
+++ src/sys/arch/i386/conf/XEN3PAE_DOMU Wed Aug 1 16:59:10 2018
@@ -1,4 +1,4 @@
-# $NetBSD: XEN3PAE_DOMU,v 1.3 2018/07/26 16:22:49 maxv Exp $
+# $NetBSD: XEN3PAE_DOMU,v 1.4 2018/08/01 16:59:10 maxv Exp $
include "arch/xen/conf/std.xen"
@@ -129,10 +129,6 @@ options NETATALK # AppleTalk networking
options PPP_BSDCOMP # BSD-Compress compression support for PPP
options PPP_DEFLATE # Deflate compression support for PPP
options PPP_FILTER # Active filter support for PPP (requires bpf)
-options IPFILTER_LOG # ipmon(8) log support
-options IPFILTER_LOOKUP # ippool(8) support
-options IPFILTER_COMPAT # Compat for IP-Filter
-#options IPFILTER_DEFAULT_BLOCK # block all packets by default
#options TCP_DEBUG # Record last TCP_NDEBUG packets with SO_DEBUG
#options ALTQ # Manipulate network interfaces' output queues
@@ -205,7 +201,6 @@ pseudo-device dm # device-mapper drive
# network pseudo-devices
pseudo-device bpfilter # Berkeley packet filter
-pseudo-device ipfilter # IP filter (firewall) and NAT
pseudo-device loop # network loopback
pseudo-device ppp # Point-to-Point Protocol
pseudo-device pppoe # PPP over Ethernet (RFC 2516)
@@ -219,10 +214,7 @@ pseudo-device stf # 6to4 IPv6 over IPv
pseudo-device vlan # IEEE 802.1q encapsulation
pseudo-device bridge # simple inter-network bridging
#options BRIDGE_IPF # bridge uses IP/IPv6 pfil hooks too
-#pseudo-device pf # PF packet filter
-#pseudo-device pflog # PF log if
-#pseudo-device pfsync # PF sync if
-#pseudo-device npf # NPF packet filter
+pseudo-device npf # NPF packet filter
# accept filters
pseudo-device accf_data # "dataready" accept filter
