Future of pf / firewall in FreeBSD ? - does it have one ?
Andrey V. Elsukov
bu7cher at yandex.ru
Mon Jul 21 11:12:45 UTC 2014
On 20.07.2014 18:15, Maxim Khitrov wrote:
> In my opinion, the way forward is to forget (at least temporarily) the
> SMP changes, bring pf in sync with OpenBSD, put a policy in place to
> follow their releases as closely as possible, and then try to
> reintroduce all the SMP work. I think the latter has to be done
> upstream, otherwise it'll always be a story of diverging codebases.
> Furthermore, if FreeBSD developers were willing to spend some time
> improving pf performance on OpenBSD, then Henning and other OpenBSD
> developers might be more receptive to changes that make the porting
> process easier.
Even if you just drop current PF from FreeBSD, there is nobody, who want
to port new PF from OpenBSD. And this is not easy task, as you may
think. Gleb has worked on rewriting PF more than half year. So, return
back all improvements after import will be hard enough and, again,
nobody want to do it. :)
--
WBR, Andrey V. Elsukov
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-current/attachments/20140721/f553a222/attachment.sig>
More information about the freebsd-current
mailing list