From owner-freebsd-questions@FreeBSD.ORG  Fri Oct  7 13:01:08 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id C788216A41F
	for <freebsd-questions@freebsd.org>;
	Fri,  7 Oct 2005 13:01:08 +0000 (GMT) (envelope-from cswiger@mac.com)
Received: from vms044pub.verizon.net (vms044pub.verizon.net [206.46.252.44])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 2C8B343D70
	for <freebsd-questions@freebsd.org>;
	Fri,  7 Oct 2005 13:01:04 +0000 (GMT) (envelope-from cswiger@mac.com)
Received: from [192.168.1.3] ([68.161.71.31])
	by vms044.mailsrvcs.net (Sun Java System Messaging Server 6.2 HotFix
	0.04 (built Dec 24 2004)) with ESMTPA id
	<0INZ00JANQTQMLYD@vms044.mailsrvcs.net> for
	freebsd-questions@freebsd.org; Fri, 07 Oct 2005 08:01:03 -0500 (CDT)
Date: Fri, 07 Oct 2005 09:01:05 -0400
From: Chuck Swiger <cswiger@mac.com>
In-reply-to: <434646C9.9090105@gmail.com>
To: Mark Cullen <mark.r.cullen@gmail.com>
Message-id: <43467191.2090902@mac.com>
Organization: The Courts of Chaos
MIME-version: 1.0
Content-type: text/plain; charset=us-ascii; format=flowed
Content-transfer-encoding: 7bit
X-Accept-Language: en-us, en
References: <CA513920FC73A14B964AB258D77EA8D6A44742@mx1.masongeneral.com>
	<BEF7E798-58F9-4B5A-8DC8-FFB5E96A47CA@mac.com>
	<434646C9.9090105@gmail.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12)
	Gecko/20050915
Cc: "Brian E. Conklin" <bconklin@masongeneral.com>,
	freebsd-questions@freebsd.org
Subject: Re: Converting from IPFW to IPFILTER
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Oct 2005 13:01:08 -0000

Mark Cullen wrote:
> Charles Swiger wrote:
[ ... ]
>> If you're going to switch to using IPF, you might want to consider  
>> upgrading or reinstalling the OS  to 5.4 instead of 4.11.
> 
> Are there any particular reasons why you suggest switching from 4.11 to 
> 5.4 if going from IPFW to IPF? Because I have just converted from IPFW2 
> to IPF on 4.11-STABLE...
> 
> I did notice that IPF appears to be a rather old version. 3.something, 
> where the latest version of IPF is 4.something. Is this the reason?

Sort of.  IPF was added to FreeBSD-5 and then backported ("MFC'ed") to the 
later 4.x releases.

I don't know of any specific problems with IPF under 4.11.  Because of the 
significant differences in SMP and locking between 4.x and 5.x some of the work 
and fixes done to improve using IPF and IPFW in combination may not be 
applicable to 4.x, nevertheless, I would recommend using IPF with 5.x given the 
choice.

-- 
-Chuck