[pf4freebsd] Re: pf backport to freebsd 4.x?
yongari at kt-is.co.kr
Wed Sep 15 21:01:42 PDT 2004
On Mon, Feb 23, 2004 at 09:58:59AM +0000, DrumFire wrote:
> Hi all,
> first of all, I'd like to thank you for the great job that you
> have done to port pf on FreeBSD 5.x.
> It's possible to port pf on FreeBSD 4.x also?
Yes. But, there is already pf on FreeBSD 4.x in KAME tree.
You can try it when you need pf on FreeBSD 4.x.
> When I propose to some people to try pf as packet filter, they
> answer me that can't, because their use a 4.x stable branch as
> firewall instead of a 5.x branch.
> So if you can port pf on a 4.x branch, I think that more people
> will try pf :)
The main reason I did not port pf to FreeBSD 4.x branch was:
1. I don't use 4.x at all
2. there is much kernel differences between 4.x and 5.x
3. needs kernel patch for 4.x which discourages users from adopting pf
4. lack of time(I have full time job)
Now Max Laier has commit bit and he already committed a fix to use pf
without setting "net.inet.ip.forwarding=1" in rdr rule. This will fix
the issue requiring forwards for rdrs in local system.
(e.g. rdr ... -> 127.0.0.1 port 25)
He will try to bring pf into tree.
Maybe upcoming 5.3R will be the first stable release on 5.x road map.
When it happen more users move to 5.x and we will get more pf users.(IMO)
Pyun YongHyeon <http://www.kr.freebsd.org/~yongari>
More information about the freebsd-pf