Upgrading FreeBSD to use the NEW pf syntax. (Copied from freebsd-pf)

Gleb Smirnoff glebius at FreeBSD.org
Wed Nov 21 07:45:22 UTC 2012


On Tue, Nov 20, 2012 at 01:24:49PM +0100, Olivier Smedts wrote:
O> > The other question that I haven't seen answered (or maybe even asked), but
O> > is relevant: what do we gain by going to a later version of pf?  I.e. as an
O> > administrator, what benefit do I get by having to expend effort converting
O> > my filter rules?
O> >
O> > Gary
O> At some time we'll surely *have* to upgrade our pf, because the legacy
O> version won't be supported upstream. I say that a major release is the
O> most appropriated place for such a change.

This isn't answer to Gary's question, sorry. He asked for what exact features
or performance gains are we talking about when we say "the new pf".

Regarding your answer. First, OpenBSD never supports anything older than
the latest release. Thus, pf in FreeBSD was never supported by OpenBSD
and never would be. Second, if you carefully analyze current open problem
reports in GNATS assigned to freebsd-pf, you would find, that vast majority
of them are specific to FreeBSD port and are not shared with OpenBSD. Taking
this into account I will state, that pf needs to be supported by FreeBSD
developers, end.

Totus tuus, Glebius.

More information about the freebsd-current mailing list