Date: Fri, 01 Jun 2007 15:10:16 +0100 From: Hugo Silva <hugo@barafranca.com> To: LI Xin <delphij@delphij.net>, freebsd-current@FreeBSD.ORG Subject: Re: pf(4) status in 7.0-R Message-ID: <466028C8.2060105@barafranca.com> In-Reply-To: <465FFFA4.1060706@delphij.net> References: <20070601103549.GA22490@localhost.localdomain> <465FFFA4.1060706@delphij.net>
next in thread | previous in thread | raw e-mail | index | archive | help
LI Xin wrote: > Stanislaw Halik wrote: > >> Heya, >> >> Are there any plans to sync pf(4) before 7.0-R? OpenBSD has some neat >> stuff in it, including expiretable functionality, which would come in >> handy. >> > > Last time I have talked with Max (Cc'ed) about the issue, we finally > figured out that porting the whole stuff would need some infrastructural > changes to our routing code, which could be risky so we wanted to avoid > it at this stage (about 15 days before RELENG_7 code freeze). On the > other hand, some functionality (like the expiretable feature) does not > seem to touch a large part of kernel and might be appropriate > RELENG_7(_0) candidate. > > Could you please enumerate some features that FreeBSD is currently lack > of and are considered "high priority" so we will be able to evaluate > whether to port? > > BTW. Patches are always welcome, as usual :-) So don't hesitate to > submit if you already did some work. > > Cheers, > http://undeadly.org/cgi?action=article&sid=20070424020008 pflog(4) is clonable After creating additional pflog interfaces (using ifconfig), rules can specify which pflog interface to use: "pass out log to pflog1 on $ext_if to port smtp". This will log traffic sent to SMTP servers to a different log interface than the default. pflogd(8) and spamlogd(8) (spamlogd -l pflog1) can now be told which pflog interface to work with. is the most interesting for my usual workloads :) Best regards, Hugo
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?466028C8.2060105>