From owner-freebsd-questions@FreeBSD.ORG Sun Jul 20 11:58:34 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A5684399 for ; Sun, 20 Jul 2014 11:58:34 +0000 (UTC) Received: from mail.unitedinsong.com.au (mail.unitedinsong.com.au [150.101.178.33]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 551DB2D13 for ; Sun, 20 Jul 2014 11:58:33 +0000 (UTC) Received: from laptop3.herveybayaustralia.com.au (laptop3.herveybayaustralia.com.au [192.168.0.185]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by mail.unitedinsong.com.au (Postfix) with ESMTPSA id 3A17A27363 for ; Sun, 20 Jul 2014 21:58:22 +1000 (EST) Message-ID: <53CBAECF.70806@herveybayaustralia.com.au> Date: Sun, 20 Jul 2014 21:58:07 +1000 From: Da Rock User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0 MIME-Version: 1.0 To: freebsd-questions@freebsd.org Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? References: <53C706C9.6090506@com.jkkn.dk> <20140718110645.GN87212@FreeBSD.org> <20140718151255.b3e677d9.gerrit.kuehn@aei.mpg.de> In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 Jul 2014 11:58:34 -0000 On 07/18/14 23:26, krad wrote: > this is also another important point. If you go onto google and search on > how to do this and that under pf, you get a mix of freebsd, and openbsd > stuff coming up. I havent analysed it but i think the majority of the stuff > is openbsd related. THerefore I find some nice solution to my problem, only > to find out a bit later I cant use it because its not supported under > freebsd. This is anoying, but more importantly confuses new sysadmins and > puts them off adopting pf and possibly a bsd at all. Ditto on all this! The doc for pf is all only available under man, and any references (in handbook, etc) go to openbsd which then creates syntax issues. And obviously easing feature updates and compatibility is an enormous plus for devs and doc producers. Perhaps backward compatibility could be a tack on instead? So a huge ++1 for an update to syntax from me. Pretty please :) > > > On 18 July 2014 14:12, Gerrit Kühn wrote: > >> On Fri, 18 Jul 2014 15:06:45 +0400 Gleb Smirnoff >> wrote about Re: Future of pf / firewall in FreeBSD ? - does it have one ?: >> >> GS> The pf mailing list is about a dozen of active people. Yes, they are >> GS> vocal on the new syntax. But there also exist a large number of common >> GS> FreeBSD users who simply use pf w/o caring about syntax and reading pf >> GS> mailing list. If we destroy the syntax compatibility a very large >> GS> population of users would be hurt, for the sake of making a dozen >> GS> happy. >> >> I have thought about this for some time now, and I think I do not agree. I >> do remember quite well when OpenBSD changed from ipf to pf, and I had to >> come up with new rules files. Yes, this is a burden for people maintaining >> these systems, but if the thing is well documented and comes with benefits >> (like staying in sync with other developers, allowing new features etc.) I >> doubt that many people will really be minding this. >> >> >> cu >> Gerrit >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to " >> freebsd-questions-unsubscribe@freebsd.org" >> > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"