From owner-freebsd-pf@FreeBSD.ORG Thu Sep 16 04:04:38 2004 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 674) id B98D316A4D0; Thu, 16 Sep 2004 04:04:38 +0000 (GMT) Delivered-To: mlaier@vampire.homelinux.org Received: (qmail 51234 invoked by uid 1005); 26 May 2004 09:45:15 -0000 Delivered-To: max@vampire.homelinux.org Received: (qmail 51231 invoked from network); 26 May 2004 09:45:15 -0000 Received: from moutng.kundenserver.de (212.227.126.173) by pd9e394fa.dip.t-dialin.net with SMTP; 26 May 2004 09:45:15 -0000 Received: from [212.227.126.164] (helo=mxng11.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 1BSuyQ-0000YO-00 for max@vampire.homelinux.org; Wed, 26 May 2004 11:45:22 +0200 Received: from [206.53.239.180] (helo=turing.freelists.org) by mxng11.kundenserver.de with esmtp (Exim 3.35 #1) id 1BSuxT-0007cx-00 for max@love2party.net; Wed, 26 May 2004 11:44:23 +0200 Received: from localhost (localhost [127.0.0.1])ESMTP id 244D472C2D5; Wed, 26 May 2004 04:27:15 -0500 (EST) Received: from turing.freelists.org ([127.0.0.1]) by localhost (turing [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 06853-33; Wed, 26 May 2004 04:27:15 -0500 (EST) Received: from turing (localhost [127.0.0.1])ESMTP id 6E90772C379; Wed, 26 May 2004 04:27:14 -0500 (EST) Received: with ECARTIS (v1.0.0; list pf4freebsd); Wed, 26 May 2004 04:27:00 -0500 (EST) X-Original-To: pf4freebsd@freelists.org Delivered-To: pf4freebsd@freelists.org Received: from localhost (localhost [127.0.0.1])ESMTP id 1C6FF72C2D5 for ; Wed, 26 May 2004 04:27:00 -0500 (EST) Received: from turing.freelists.org ([127.0.0.1]) by localhost (turing [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 05971-80 for ; Wed, 26 May 2004 04:26:59 -0500 (EST) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.188])ESMTP id 8254172C221 for ; Wed, 26 May 2004 04:26:59 -0500 (EST) Received: from [212.227.126.206] (helo=mrelayng.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 1BSuxB-0001AK-00 for pf4freebsd@freelists.org; Wed, 26 May 2004 11:44:05 +0200 Received: from [217.227.148.250] (helo=donor.laier.local) by mrelayng.kundenserver.de with asmtp (TLSv1:RC4-MD5:128) (Exim 3.35 #1) id 1BSuxA-0002zz-00 for pf4freebsd@freelists.org; Wed, 26 May 2004 11:44:04 +0200 From: Max Laier To: pf4freebsd@freelists.org User-Agent: KMail/1.6.2 References: <40B2DAD4.2040005@computeraddictions.com.au> <40B2E306.1060909@computeraddictions.com.au> <6.1.0.6.2.20040526015840.0ddfad28@213.161.193.184> In-Reply-To: <6.1.0.6.2.20040526015840.0ddfad28@213.161.193.184> MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Boundary-02=_HcGtANrqtL963hF"; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <200405261144.39641.max@love2party.net> X-Provags-ID: kundenserver.de abuse@kundenserver.de auth:e28873fbe4dbe612ce62ab869898ff08 X-Virus-Scanned: by amavisd-new at freelists.org X-archive-position: 314 X-ecartis-version: Ecartis v1.0.0 Sender: pf4freebsd-bounce@freelists.org Errors-To: pf4freebsd-bounce@freelists.org X-original-sender: max@love2party.net Precedence: normal X-list: pf4freebsd X-Virus-Scanned: by amavisd-new at freelists.org X-Provags-Forward: max@love2party.net -> max@vampire.homelinux.org X-UID: 430 X-Length: 6697 X-Mailman-Approved-At: Thu, 16 Sep 2004 04:06:09 +0000 Subject: [pf4freebsd] Re: Maturity of this port? X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.1 Reply-To: pf4freebsd@freelists.org List-Id: Technical discussion and general questions about packet filter (pf) List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Date: Thu, 16 Sep 2004 04:04:38 -0000 X-Original-Date: Wed, 26 May 2004 11:44:31 +0200 X-List-Received-Date: Thu, 16 Sep 2004 04:04:38 -0000 --Boundary-02=_HcGtANrqtL963hF Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Wednesday 26 May 2004 02:05, Arnaud Pignard wrote: > At 08:09 25/05/2004, you wrote: > >D'oh; I really do need ALTQ. > > If you really need ALTQ, try here : > http://www.rofug.ro/projects/freebsd-altq/ Chances are, that my patchset is more stable that the rofug.ro one which I= =20 evolved from (I have said this, haven't I?). > Work fine with 5.2.1 and drivers is avaible for most all good network car= d. > (don't specified in changelog but em driver is also stable) 1) As I have said (several times) the drivers from rofug.ro work with this= =20 patchset without problems. If they are stable there, they are stable here a= s=20 well. 2) The patchset from rofug.ro has a couple of problems: a) The locking is incomplete. Passing pktattr on the stack isn't MPSAFE by= =20 design. b) It provides ALTQ3 support only, which is - in my opinion - no longer st= ate=20 of-the-art. The built-in classifier has very limited capabilities, the= =20 syntax is a pain and the implementation isn't all that powerful either. c) It is a bit dated in terms of being in sync with KAME as well as in bei= ng=20 in sync with FreeBSD. I am afraid there are currently no efforts to cha= nge=20 this situation. d) As it "grew" over the years it has some issues both in drivers and the= =20 altq code itself. That is why I started from zero, importing the necess= ary=20 pieces step by step, to clean it up and have a completely working thing= =20 that will eventually be ready for import. > Also i prefer altq config file and i'm not sure that's you can use altqst= at > with pf. That is well choice of taste, but as I tried to explain: ALTQ3 isn't MPSAFE= by=20 design! Altqstat is not useable with pf, but pf has its own way $pfctl -vvs= q=20 gives the same information in a (imo) nicer way. I will not stop anyone from implementing ALTQ3-support (forgetting about th= e=20 locking problems for a moment), but I think that there is much more power i= n=20 the pf-approach. If you are brave, you can implement the altq classifier in= =20 terms of a pfil_hooks-consumer useing mbuf_tag classification, this will be= =20 easier in terms of locking but does not seem worthwhile to me. =2D-=20 Best regards, | mlaier@freebsd.org Max Laier | ICQ #67774661 http://pf4freebsd.love2party.net/ | mlaier@EFnet --Boundary-02=_HcGtANrqtL963hF Content-Type: application/pgp-signature Content-Description: signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQBAtGcHXyyEoT62BG0RAgyEAJsEPlWBDIURXn7M/aaL9wUZPGZ8AQCdGQrv PlWGduUWmZuSSDd96GY8vnc= =Fayf -----END PGP SIGNATURE----- --Boundary-02=_HcGtANrqtL963hF--