pf and keep/modulate state on 6.2
jbronson at sixcompanies.com
Sat Jul 21 13:20:18 UTC 2007
At 02:08 PM 7/21/2007 +0100, RW wrote:
>On Sat, 21 Jul 2007 07:29:53 -0500
>JD Bronson <jbronson at sixcompanies.com> wrote:
> > thanks for the update on this. I had forgot about it since I just
> > stopped using modulate state (is it really needed anymore?).
> > Then, the beginning of this month I moved my firewall/router back
> > over to OpenBSD 4.1 to stay more current with pf instead of running
> > -CURRENT within FreebSD.
> > This fix really should be incorporated into 6.2-STABLE or even
> > 6.2-STANDARD I think. I wonder how many people use this and don't
> > even know its messed up?
>I think it depends what percentage of people see connections actually
>petering-out to nothing, like I did, rather that just slowing down.
>What I'm wondering is how many more serious bugs have been fixed in
>OpenBSD, but not ported. As well as modulate state, I also stopped
>using hfsc because ping-times sometimes just seem to jump-up to several
>seconds and stay there.
I never understood why Freebsd can't keep up to date with openbsd at
least in regards to pf....thats the #1 reason I dont use freebsd as a
If they kept up to date, freebsd would rock. I always get much better
performance than with openbsd..but with openbsd, I get stability and
current versions of pf and the features therein, that I am after....
Netbsd is MUCH worse...I tried to use some pf commands and got errors
only to find out that these features are not in the pf that ships
with 3.0.1 netbsd.
I was very surprised...gee, how the heck OLD is pf in Netbsd 3.0.1 ?!!?
Maybe whomever supports/ports pf into freebsd will read this and
either respond with reasons as to why freebsd cant be closer in sync
with pf from openbsd or at least update it more often.
More information about the freebsd-questions