From owner-freebsd-current@FreeBSD.ORG Wed Nov 21 14:44:15 2012 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 97369691; Wed, 21 Nov 2012 14:44:15 +0000 (UTC) (envelope-from ermal.luci@gmail.com) Received: from mail-qa0-f47.google.com (mail-qa0-f47.google.com [209.85.216.47]) by mx1.freebsd.org (Postfix) with ESMTP id 0FED18FC08; Wed, 21 Nov 2012 14:44:14 +0000 (UTC) Received: by mail-qa0-f47.google.com with SMTP id t11so1773074qaa.13 for ; Wed, 21 Nov 2012 06:44:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; bh=q+o60ZtSaH95tgRQk23do0PJXrm0kzNYByxWxnnNgbk=; b=nS/NMF89212RJa8mQizcRMsL55s5nC/MCfARVZhsy20l4unElblLQ1EAHVnL5cvsgN Kdt7N+BTkpHg9pia1WMu8q/l1rd2m3HQmk4KhVV/9fKMUZ8mFMOWj4xrryGSbmlwu73H 6lh8ZAWraDPprTFIyhF/VPNPYqisRMe+WEgG9Sr3PL4/KkrjnsB9OiTUag7NDpbO0NXL 7Hye/aJnbpuYcr85I2nVEcoLYxHohPL5+eTKhMNpEMup3qAPdweej8Pj6x2ny211N30k i5ndLSgFGdrR6nINkV2S72uXOa15ENq3Uwrrb55DxS1ceLoyYk0FQilok7NHGqtAp9yv g87A== MIME-Version: 1.0 Received: by 10.49.103.162 with SMTP id fx2mr21577278qeb.1.1353509053864; Wed, 21 Nov 2012 06:44:13 -0800 (PST) Sender: ermal.luci@gmail.com Received: by 10.49.121.163 with HTTP; Wed, 21 Nov 2012 06:44:13 -0800 (PST) In-Reply-To: <20121121075642.GR67660@FreeBSD.org> References: <201211201543.17903.Mark.Martinec+freebsd@ijs.si> <20121121075642.GR67660@FreeBSD.org> Date: Wed, 21 Nov 2012 15:44:13 +0100 X-Google-Sender-Auth: rXb2ohSklsfR_eCCzKTYP-EF5dw Message-ID: Subject: Re: Upgrading FreeBSD to use the NEW pf syntax. From: =?ISO-8859-1?Q?Ermal_Lu=E7i?= To: Gleb Smirnoff Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 Cc: Mark Martinec , freebsd-current@freebsd.org, "freebsd-pf@freebsd.org" X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Nov 2012 14:44:15 -0000 On Wed, Nov 21, 2012 at 8:56 AM, Gleb Smirnoff wrote: > Mark, > > On Tue, Nov 20, 2012 at 03:43:17PM +0100, Mark Martinec wrote: > M> For one thing, I'm desperately awaiting NAT64 support (the 'af-to' > M> translation rule in newer pf (5.1?), committed on 2011-10). > > Backport this exact feature to FreeBSD and send patch. > > M> Other: packet normalization (scrub) has been reworked and simplified, > M> and is now a rulset option. Considering that scrub is currently broken > M> (9.1, see list of PF bugs in FreeBSD), along with several other > M> bugs that need fixing, it seems the (scarce) manpower would better > M> be spent in moving on, than keeping the already leaky (buggy) pf > M> afloat. > > Yes, scrub improvements can be cherry picked and added to FreeBSD, too. > > The issues is you cannot without modifying rule config. > But if you think that bulk import of new version would close all current > bugs without opening new problems, then you are mistaking. Last bulk > import introduced much more bugs than it closed. And this statement isn't > a accusation towards the person who did the import. This is just a generic > rule. If you take 100k lines of code that were developed for another > operating system kernel and without thourough reviewing it just make it > compile and link with another kernel, then you are about to miss many > rough edges that will show up later, when the code would be utilized. > > Thus, cherry-picking is preferred over bulk imports. > > Well it depends on the amount of work. Cherry-picking would be when tehre is reasonable similarities. Also another argument to do this would be simplicity on locking as well as i told you when you started the changes. Though i am open to work together on this to merge the new syntax thorugh a whole bulk merge rather than cherry-pick. You already have 'broken' some functionality as if-bound in FreeBSD 10.x so why not break syntax and see to introduce if real value behind a converter as well. > -- > Totus tuus, Glebius. > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" > -- Ermal