How to find out which version of PF a given box is using...

Matthew Seaman m.seaman at infracaninophile.co.uk
Wed Sep 21 08:06:00 UTC 2011 

On 21/09/2011 08:34, Matthew Seaman wrote:
> On 21/09/2011 07:34, Modulok wrote:
>> Is there an easy way to find out what version of PF a given FreeBSD version is
>> using? Currently I'm doing this:
>>
>>     grep -iE '\bpf\b' /usr/src/UPDATING
>>
>> Just wondering if I'm missing something. I didn't see any '--version'
>> flag in pfctl.
> 
> Uh -- bpf is a different thing to PF.  bpf is Berkeley Packet Filter
> which isn't anything to do with firewalling, but used eg. by tcpdump to
> select certain packets from the wire.  As far as I know, bpf doesn't
> have a separate version number; it just uses the OS version number.
> It's been part of BSD Unices since dinosaurs roamed the earth.

One of these days I'll learn not to send e-mail before coffee.  Please
ignore the above -- red herring.

> PF is the firewalling code imported from OpenBSD.  Again, it's part of
> the base system in OpenBSD so it just uses the OpenBSD version number.
> Every so often there will be a new import from OpenBSD -- I believe most
> released versions of FreeBSD are using PF from OpenBSD 4.2, but there is
> an update to OpenBSD 4.mumble in the works for the upcoming FreeBSD 9.0
> release.  You'ld have to check the commit history in CVS or SVN to be sure.

In fact, the last import listed as such in the CVS history was from
OpenBSD 4.1 but that was around 2007 when FreeBSD was on version 6.x --
long time ago.  There's been plenty of updates since (which, IIRC, made
the FreeBSD code pretty much equivalent to what is in OpenBSD 4.2), but
no wholesale reimport until about 2 months ago, when OpenBSD 4.5 code
was imported into head.

http://svnweb.freebsd.org/base?view=revision&revision=223637

AFAIK, that is not a candidate for MFC to stable/8 or earlier, as it
modifies KBIs.

	Cheers,

	Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
JID: matthew at infracaninophile.co.uk               Kent, CT11 9PW

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 267 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20110921/8659ac33/signature.pgp

More information about the freebsd-questions mailing list