Updated: 2022/Sep/29

Please read Privacy Policy. It's for your privacy.

NPF(7)                 Miscellaneous Information Manual                 NPF(7)

NAME
     NPF - NetBSD packet filter

DESCRIPTION
     NPF is a layer 3 packet filter, supporting IPv4 and IPv6 as well as layer
     4 protocols such as TCP, UDP, and ICMP.  It was designed with a focus on
     high performance, scalability, and modularity.

FEATURES
     NPF offers the traditional set of features provided by packet filters.
     Some key features are:

           ⊕   Stateful inspection (connection tracking).

           ⊕   Network address translation (NAT).  This includes static
               (stateless) and dynamic (stateful) translation, port
               translation, bi-directional NAT, etc.

           ⊕   IPv6-to-IPv6 network prefix translation (NPTv6).

           ⊕   Tables for efficient IP sets.

           ⊕   Application Level Gateways (e.g., to support traceroute).

           ⊕   Use of BPF with just-in-time (JIT) compilation.

           ⊕   Rule procedures and a framework for NPF extensions.

           ⊕   Traffic normalisation (extension).

           ⊕   Packet logging (extension).

     For a full set of features and their description, see the NPF
     documentation website and other manual pages.

SEE ALSO
     libnpf(3), bpf(4), bpfjit(4), npf.conf(5), npf-params(7), pcap-filter(7),
     npfctl(8), npfd(8)

     NPF project page: https://github.com/rmind/npf/

     NPF documentation website: http://rmind.github.io/npf/

HISTORY
     NPF was written from scratch in 2009 and is distributed under the
     2-clause BSD license.  It first appeared in NetBSD 6.0.

AUTHORS
     NPF was designed and implemented by Mindaugas Rasiukevicius.

NetBSD 10.99                    August 11, 2019                   NetBSD 10.99