Future of pf / firewall in FreeBSD ? - does it have one ?
freebsd-questions at herveybayaustralia.com.au
Sun Jul 20 11:58:34 UTC 2014
On 07/18/14 23:26, krad wrote:
> this is also another important point. If you go onto google and search on
> how to do this and that under pf, you get a mix of freebsd, and openbsd
> stuff coming up. I havent analysed it but i think the majority of the stuff
> is openbsd related. THerefore I find some nice solution to my problem, only
> to find out a bit later I cant use it because its not supported under
> freebsd. This is anoying, but more importantly confuses new sysadmins and
> puts them off adopting pf and possibly a bsd at all.
Ditto on all this! The doc for pf is all only available under man, and
any references (in handbook, etc) go to openbsd which then creates
syntax issues. And obviously easing feature updates and compatibility is
an enormous plus for devs and doc producers.
Perhaps backward compatibility could be a tack on instead?
So a huge ++1 for an update to syntax from me. Pretty please :)
> On 18 July 2014 14:12, Gerrit Kühn <gerrit.kuehn at aei.mpg.de> wrote:
>> On Fri, 18 Jul 2014 15:06:45 +0400 Gleb Smirnoff <glebius at FreeBSD.org>
>> wrote about Re: Future of pf / firewall in FreeBSD ? - does it have one ?:
>> GS> The pf mailing list is about a dozen of active people. Yes, they are
>> GS> vocal on the new syntax. But there also exist a large number of common
>> GS> FreeBSD users who simply use pf w/o caring about syntax and reading pf
>> GS> mailing list. If we destroy the syntax compatibility a very large
>> GS> population of users would be hurt, for the sake of making a dozen
>> GS> happy.
>> I have thought about this for some time now, and I think I do not agree. I
>> do remember quite well when OpenBSD changed from ipf to pf, and I had to
>> come up with new rules files. Yes, this is a burden for people maintaining
>> these systems, but if the thing is well documented and comes with benefits
>> (like staying in sync with other developers, allowing new features etc.) I
>> doubt that many people will really be minding this.
>> freebsd-questions at freebsd.org mailing list
>> To unsubscribe, send any mail to "
>> freebsd-questions-unsubscribe at freebsd.org"
> freebsd-questions at freebsd.org mailing list
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions