From owner-freebsd-current@FreeBSD.ORG Fri Jul 18 13:02:23 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8E7EC486; Fri, 18 Jul 2014 13:02:23 +0000 (UTC) Received: from elsa.codelab.cz (elsa.codelab.cz [94.124.105.4]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4AEF720FD; Fri, 18 Jul 2014 13:02:22 +0000 (UTC) Received: from elsa.codelab.cz (localhost [127.0.0.1]) by elsa.codelab.cz (Postfix) with ESMTP id 053FA28427; Fri, 18 Jul 2014 14:56:20 +0200 (CEST) Received: from illbsd.quip.test (ip-89-177-49-222.net.upcbroadband.cz [89.177.49.222]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by elsa.codelab.cz (Postfix) with ESMTPSA id 208DF28422; Fri, 18 Jul 2014 14:56:19 +0200 (CEST) Message-ID: <53C919D9.4030006@quip.cz> Date: Fri, 18 Jul 2014 14:58:01 +0200 From: Miroslav Lachman <000.fbsd@quip.cz> User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:29.0) Gecko/20100101 Firefox/29.0 SeaMonkey/2.26 MIME-Version: 1.0 To: Gleb Smirnoff , "Kristian K. Nielsen" Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? References: <53C706C9.6090506@com.jkkn.dk> <20140718110645.GN87212@FreeBSD.org> In-Reply-To: <20140718110645.GN87212@FreeBSD.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-current@freebsd.org, freebsd-questions@freebsd.org X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Jul 2014 13:02:23 -0000 Gleb Smirnoff wrote, On 07/18/2014 13:06: [...] > The pf mailing list is about a dozen of active people. Yes, they are vocal > on the new syntax. But there also exist a large number of common FreeBSD > users who simply use pf w/o caring about syntax and reading pf mailing > list. If we destroy the syntax compatibility a very large population of > users would be hurt, for the sake of making a dozen happy. I don't agree on this part. Almost every bigger project / application needs to make some uncompatible changes over time. Apache, MySQL, PHP, GNOME, KDE... or FreeBSD itself with recent changes from pkg_* to pkg(ng). Backward compatibility cannot be maintained infinitely if new features should be added. I don't see the reason why PF should be exception. And I am writing this as one who really don't need any new PF features, but I am fine with syntax change in newer FreeBSD major version. There were bigger problem with pf.conf in the past - freebsd-update deleted it and machine was unprotected after reboot. So properly announced syntax change and tutorial to conversions is not problem for me and I hope for some others too. Miroslav Lachman