NPF(7) NetBSD Miscellaneous Information Manual NPF(7)
NPF -- NetBSD packet filter
NPF is a layer 3 packet filter, supporting IPv4 and IPv6 as well as layer 4 protocols such as TCP, UDP, and ICMP. It was designed with a focus on high performance, scalability, and modularity. NPF was written from scratch in 2009 and is distributed under the 2-clause BSD license.
NPF offers the traditional set of features provided by packet filters. Some key features are: · Stateful inspection (connection tracking). · Network address translation (NAT). This includes static (stateless) and dynamic (stateful) translation, port transla- tion, bi-directional NAT, etc. · IPv6-to-IPv6 network prefix translation (NPTv6). · Tables for efficient IP sets. · Application Level Gateways (e.g., to support traceroute). · NPF uses BPF with just-in-time (JIT) compilation. · Rule procedures and a framework for NPF extensions. · Traffic normalization (extension). · Packet logging (extension). For a full set of features and their description, see the NPF documenta- tion and other manual pages.
libnpf(3), bpf(4), bpfjit(4), npf.conf(5), pcap-filter(7), npfctl(8) NPF documentation: http://www.netbsd.org/~rmind/npf/
NPF first appeared in NetBSD 6.0.
NPF was designed and implemented by Mindaugas Rasiukevicius. NetBSD 7.0 July 13, 2015 NetBSD 7.0
You can also request any man page by name and (optionally) by section: