Finally, an indication of the level of feeling inspired by PF in its users is in order. On the PF mailing list, a message with the subject of "Things pf can't do?" appeared in May 2004. The message had been written by someone who did not have a lot of firewalls experience, and who consequently found it hard to get the setup he or she wanted.
This, of course, lead to some discussion, with several participants saying that if PF was hard on a newbie, the alternatives were certainly not a bit better. The thread ended in the following haiku of praise from Jason Dixon, which is given intact as it came, along with Jason's comments:
Compared to working with iptables, PF is like this haiku: A breath of fresh air, floating on white rose petals, eating strawberries. Now I'm getting carried away: Hartmeier codes now, Henning knows not why it fails, fails only for n00b. Tables load my lists, tarpit for the asshole spammer, death to his mail store. CARP due to Cisco, redundant blessed packets, licensed free for me.
Jason Dixon, on the PF email list, May 20th, 2004 (http://marc.info/?l=openbsd-pf&m=108507584013046&w=2)