Date: Fri, 1 Jun 2007 18:22:31 +0200 From: Max Laier <max@love2party.net> To: "Greg Hennessy" <Greg.Hennessy@nviz.net> Cc: freebsd-current@freebsd.org, freebsd-pf@freebsd.org Subject: Re: pf(4) status in 7.0-R Message-ID: <200706011822.33043.max@love2party.net> In-Reply-To: <002801c7a467$d70da190$8528e4b0$@Hennessy@nviz.net> References: <20070601103549.GA22490@localhost.localdomain> <200706011717.54698.max@love2party.net> <002801c7a467$d70da190$8528e4b0$@Hennessy@nviz.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Friday 01 June 2007, Greg Hennessy wrote: > > ditto. I'd like to import a couple of features on a per-feature base > > rather than doing a complete import which isn't possible anymore due > > to SMP and routing code changes. > > Is the inability to completely sync PF with the latest OpenBSD release > cast in stone for here on, or it an issue of resource to do ? > > Just curious in light of recent PF improvements as detailed here > > http://www.undeadly.org/cgi?action=article&sid=20070528213858 This is a completely unrelated issue really. Is debateable if it is good practice to put all that information into the pkthdr, but the speed improvement is something for sure. It remains to be seen if FreeBSD's mbuf tags perform as badly as OpenBSD's and - if they do - what can be done about that. One thing to keep in mind, however, pf is not the one and only Firewall in FreeBSD and there are *many* other places that use mbuf tags, too. I would rather look for a more general optimization of the mbuf tag framework - if required - , than gluttering the m_pkthdr with all fields one can think of (pf, ipfw, ipf, vlans, ipsec, altq ...) -- /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200706011822.33043.max>