From: "Theo de Raadt" <deraadt@openbsd.org>
Subject: Re: dhcpd(8): use UDP sockets instead of BPF
To: Alexandr Nedvedicky <sashan@fastmail.net>
Cc: tech@openbsd.org
Date: Mon, 16 Jun 2025 07:49:08 -0600

>     the idea is the dhcp/bootp traffic for client should be covered by 'pass
>    all' rule.  the semi-working diff is attached for reference.

I worry quite a lot about this proposal since it presumes people have
written their pf.conf files according to a particular style.

Anyone using dhcpd and a hand-written pf.conf is have a pretty bad time
with this, and I do not believe forwarn communication will change
anything.

As a second point, I think the components of the solution are very
complicated compared to the existing bpf approach.