From owner-svn-src-projects@freebsd.org Tue Sep 3 14:06:10 2019 Return-Path: Delivered-To: svn-src-projects@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1377DDC426 for ; Tue, 3 Sep 2019 14:06:09 +0000 (UTC) (envelope-from yuripv@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [96.47.72.132]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46N7z371Zkz4PDk; Tue, 3 Sep 2019 14:06:07 +0000 (UTC) (envelope-from yuripv@freebsd.org) Received: by freefall.freebsd.org (Postfix, from userid 1452) id 238341A1A9; Tue, 3 Sep 2019 14:05:59 +0000 (UTC) X-Original-To: yuripv@localmail.freebsd.org Delivered-To: yuripv@localmail.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [96.47.72.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (Client CN "mx1.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by freefall.freebsd.org (Postfix) with ESMTPS id 5C8F65C4D; Wed, 3 Apr 2019 21:30:35 +0000 (UTC) (envelope-from owner-src-committers@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 2C3856E7D9; Wed, 3 Apr 2019 21:30:35 +0000 (UTC) (envelope-from owner-src-committers@freebsd.org) Received: by freefall.freebsd.org (Postfix, from userid 538) id 108345C4C; Wed, 3 Apr 2019 21:30:35 +0000 (UTC) Delivered-To: src-committers@localmail.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [96.47.72.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (Client CN "mx1.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by freefall.freebsd.org (Postfix) with ESMTPS id E35395C44; Wed, 3 Apr 2019 21:30:31 +0000 (UTC) (envelope-from gnn@neville-neil.com) Received: from relay10.mail.gandi.net (relay10.mail.gandi.net [217.70.178.230]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DE4486E7CA; Wed, 3 Apr 2019 21:30:29 +0000 (UTC) (envelope-from gnn@neville-neil.com) Received: from [10.37.129.2] (unknown [65.88.88.178]) (Authenticated sender: gnn@neville-neil.com) by relay10.mail.gandi.net (Postfix) with ESMTPSA id 10B14240005; Wed, 3 Apr 2019 21:30:20 +0000 (UTC) From: "George Neville-Neil" To: "Kristof Provost" Cc: rgrimes@freebsd.org, "Andrey V. Elsukov" , "Mateusz Guzik" , src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: Re: svn commit: r345760 - in head: contrib/pf sys/netpfil/pf sbin/pfctl X-Mailer: MailMate (1.12.4r5594) Message-ID: <7A8504D1-7A27-4B8D-8263-9AC54EABBF88@neville-neil.com> In-Reply-To: References: <201904011348.x31Dm86D015297@gndrsh.dnsmgr.net> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Precedence: bulk X-Loop: FreeBSD.org Sender: owner-src-committers@freebsd.org X-Rspamd-Queue-Id: 2C3856E7D9 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.99 / 15.00]; local_wl_from(0.00)[freebsd.org]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; NEURAL_HAM_SHORT(-0.99)[-0.992,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] Status: O X-BeenThere: svn-src-projects@freebsd.org X-Mailman-Version: 2.1.29 List-Id: "SVN commit messages for the src " projects" tree" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Date: Tue, 03 Sep 2019 14:06:11 -0000 X-Original-Date: Wed, 03 Apr 2019 17:27:26 -0400 X-List-Received-Date: Tue, 03 Sep 2019 14:06:11 -0000 On 1 Apr 2019, at 12:16, Kristof Provost wrote: > On 1 Apr 2019, at 15:48, Rodney W. Grimes wrote: >> [ Charset UTF-8 unsupported, converting... ] >>> On 01.04.2019 16:30, Rodney W. Grimes wrote: >>> It seems it is too late: >>> https://marc.info/?l=openbsd-tech&m=155409489427092&w=2 >> >> I am wondering on the above as it has a date of: >> Date: 2019-04-01 5:01:03 >> >> which would be in line with Kristof's joke. >> > Yes, OpenBSD are clearly joking as well. > >>> http://mail-index.netbsd.org/tech-kern/2019/03/29/msg024883.html >> This is inline with what is being proposed here, NetBSD has >> old rotted code that needs updated. > > [Disclaimer: I do not speak for NetBSD, and based this on my reading > of that thread] > > NetBSD however are serious. > Their situation is slightly different, in that their primary reason is > that they don’t have a maintainer for their pf version and it’s > suffering from significant bitrot. > > Our situation is somewhat better. Our pf is maintained and does get > bug fixes and improvements. Not as many as I’d like, but there’s > something. > >> Rather than do that work >> twice, do it 1.5 times (implementing the same technology in >> 2 OS's should be less work than doing it twice.) >> >> I believe there is grant money avaliable from a non Foundation >> source that could be used to do this work. >> > I’m not at all opposed to updating our pf, but there are a few > obstacles (technical: performance, syntax and vimage. Practical: this > is a lot of work). If people are interested in that discussion I’d > propose someone start a new thread on freebsd-pf@, and I’ll expand > on what I think the problems are and what needs to be done. > > I’d also be interested in knowing what people are looking for from > an updated pf in FreeBSD. What are the improvements in OpenBSD that > you’d really like to see in FreeBSD? > In the age of NAT do we really need a firewall? Yes, it's April 3rd but, you did start it :-) Best George