Date: Fri, 1 Jun 2007 15:01:25 +0200 From: Stanislaw Halik <sthalik@tehran.lain.pl> To: freebsd-current@freebsd.org Subject: Re: pf(4) status in 7.0-R Message-ID: <20070601130125.GA23695@localhost.localdomain> In-Reply-To: <465FFFA4.1060706@delphij.net> References: <20070601103549.GA22490@localhost.localdomain> <465FFFA4.1060706@delphij.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Jun 01, 2007, LI Xin wrote: >> Are there any plans to sync pf(4) before 7.0-R? OpenBSD has some neat >> stuff in it, including expiretable functionality, which would come in >> handy. > Last time I have talked with Max (Cc'ed) about the issue, we finally > figured out that porting the whole stuff would need some infrastructural > changes to our routing code, which could be risky so we wanted to avoid > it at this stage (about 15 days before RELENG_7 code freeze). On the > other hand, some functionality (like the expiretable feature) does not > seem to touch a large part of kernel and might be appropriate > RELENG_7(_0) candidate. > Could you please enumerate some features that FreeBSD is currently lack > of and are considered "high priority" so we will be able to evaluate > whether to port? >From what I've spotted on the OpenBSD Journal: - http://marc.info/?l=openbsd-cvs&m=118037274607974&w=2 Claims a large speedup to pf. I'm not entirely sure if it's applicable to FreeBSD as well. - http://marc.info/?l=openbsd-cvs&m=118040004621784&w=2 A 10% speedup. This one should apply to FreeBSD as well. - http://marc.info/?l=openbsd-cvs&m=116915376827511&w=2 Userland portion of the expiretable patch. I'm unable to find the kernel-land one, though. `expiretable' makes `overload' and any other kind of automated blacklisting a lot more useful. Thanks in advance for importing any of these. > BTW. Patches are always welcome, as usual :-) So don't hesitate to > submit if you already did some work. I apologize for not being able to be of any help, but I'm no kernel developer. -- Whenever you find that you are on the side of the majority, it is time to reform. -- Mark Twain
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070601130125.GA23695>