Upgrading FreeBSD to use the NEW pf syntax.
Peter Jeremy
peter at rulingia.com
Tue Nov 20 04:21:51 UTC 2012
On 2012-Nov-20 02:23:07 -0000, Paul Webster <paul.g.webster at googlemail.com> wrote:
>I am aware this is a much discussed subject since the upgrade of PF, I
>believe the final decision was that to many users are used to the old
>style pf and an upgrade to the new syntax would cause to much confusion.
FreeBSD deprecation policies mean that the existing (old) pf syntax would
need to be supported for at least the duration of the 9.x branch (and
possibly the 10.x branch).
>1) To move to the newer pf and just add to releases notes what had
>happened,
Since the new pf syntax is incompatible with the existing syntax, this
would not be acceptable on any stable branch (8.x, 9.x). It could be
done on 10.x but the incompatibility would make migrating from 9.x to
10.x harder.
>2) my own personal opinion: creating 'pf2-*' as a kernel option tree,
>basically using the newer pf syntax and allowing users to choose.
This would probably be the preferred option as it would allow users to
migrate at their leisure.
>I would be interested to know the feedback from you guys as to be honest
>there seems to be quite a few users who actually DO want the new style
>format and functionality that comes with.
My understanding is that there are significant differences in locking
between OpenBSD and FreeBSD, which would make porting the new pf non-
trivial. New feature requests generally come down to finding the man-
power to implement and maintain them.
--
Peter Jeremy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-pf/attachments/20121120/2583c1ec/attachment.sig>
More information about the freebsd-pf
mailing list