netbsd.able-INSTALL.gz -> netbsd-INSTALL.ABLE.gz
netbsd.aout-INSTALL.gz -> netbsd-INSTALL.aout.gz
XXX: Probably it's simpler to have default ELF (currently ABLE) kernels
XXX: and optional a.out ones for old firmware as sgimips does for ecoff ones.
Ext2fs doesn't have enough free space (it has only 1KB)
to store this primary loader, but we can put it into
an independent small 'boot' partition as NetBSD/hp300 does
if it's really necessary.
It could be a fun project to add smaller pre-primary loader
that loads ~8KB primary loader for ext2fs, but probably it's unlikely
because there is a functional wheel named GRUB for ext2fs.
per running INSTALL kernel name taken from sysctl kern.version.
XXX: on all arm ports, sysctl hw.cpu_model returns a processor name,
XXX: not machine model as mentioned in <sys/sysctl.h>.
- Designed to be fully MP-safe and highly efficient.
- Tables/IP sets (hash or red-black tree) for high performance lookups.
- Stateful filtering and Network Address Port Translation (NAPT).
Framework for application level gateways (ALGs).
- Packet inspection engine called n-code processor - inspired by BPF -
supporting generic RISC-like and specific CISC-like instructions for
common patterns (e.g. IPv4 address matching). See npf_ncode(9) manual.
- Convenient userland utility npfctl(8) with npf.conf(8).
NOTE: This is not yet a fully capable alternative to PF or IPFilter.
Further work (support for binat/rdr, return-rst/return-icmp, common ALGs,
state saving/restoring, logging, etc) is in progress.
Thanks a lot to Matt Thomas for various useful comments and code review.
Aye by: board@
