PF bugs
Mike.
the.lists at mgm51.com
Sat Jun 22 14:47:13 UTC 2013
On 6/21/2013 at 10:47 PM Stan Gammons wrote:
|On Fri, 2013-06-21 at 23:24 -0400, Maxim Khitrov wrote:
|> For what it's worth, I've been gradually migrating the few firewalls
|> that I maintain to OpenBSD. FreeBSD pf is fine, and it's what I use
|> for protecting individual servers, but I find that the new syntax,
|> which was introduced after OpenBSD 4.5, produces rulesets that are
|> more compact and easier to maintain when it comes to routing traffic
|> between networks. The new priority queuing (set prio) is much
simpler
|> than ALTQ (and should perform better, though I haven't tested this).
|> I'm also looking forward to the work that's being done to free HFSC
|> from ALTQ and make it understandable and usable by mere mortals.
|
|I too like OpenBSD and wish PF was in sync on both OS.
| [snip]
=============
While I suspect the core of pf on FreeBSD has diverged too much to keep
the FreeBSD pf in sync with the OpenBSD pf [imo, and that's a shame],
it would be most helpful if FreeBSD's pf.conf syntax and pf
functionality were more closely aligned with what is currently
happening with pf on OpenBSD.
I run both OpenBSD and FreeBSD systems, and the pf differences are a
drag.....
More information about the freebsd-pf
mailing list