From owner-freebsd-pf@FreeBSD.ORG Wed Sep 5 20:09:24 2012 Return-Path: Delivered-To: pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id E344B1065670; Wed, 5 Sep 2012 20:09:24 +0000 (UTC) (envelope-from ermal.luci@gmail.com) Received: from mail-ie0-f182.google.com (mail-ie0-f182.google.com [209.85.223.182]) by mx1.freebsd.org (Postfix) with ESMTP id 8E6828FC1E; Wed, 5 Sep 2012 20:09:24 +0000 (UTC) Received: by iebc12 with SMTP id c12so2290708ieb.13 for ; Wed, 05 Sep 2012 13:09:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; bh=BAaa1Wv/Bf5vA5OAKsyEV1J0V65x/iRPY6CQ24BrjaE=; b=YMTeteWrlxchI7sKHswQV5FYW6pTQmNM4wl9QOpxRMSOxnzAVE9q/aqHQvdhr3aY/t uTJBkaMM/iOkRJyxpr5ZNwPtBzFBaP/VXuhzcc6PUQc9BK4WqJuS6+LELuFBM7lqqDDC pkW1BMQ2aWNOWAyFdL+sCILteRWq4bABiuT45D+qNDJfvhk9tiVmGTU6m1pbmEw+bxdd x9WFbtcDjes3EOSyf1tHQjuAeDs1NNgc+We00tkT9xdr5CO/cz3t76G4fmyB91mPlLWL TE+gbZ6ua2w8W1yzCptirgYT36KaFtLz/a5MxVFfj+IWKaI6rS/8e4ZL2WY7yYJEedaJ IaKQ== MIME-Version: 1.0 Received: by 10.42.155.135 with SMTP id u7mr22127547icw.25.1346875764014; Wed, 05 Sep 2012 13:09:24 -0700 (PDT) Sender: ermal.luci@gmail.com Received: by 10.231.47.73 with HTTP; Wed, 5 Sep 2012 13:09:23 -0700 (PDT) In-Reply-To: <20120905115140.GF15915@FreeBSD.org> References: <20120905115140.GF15915@FreeBSD.org> Date: Wed, 5 Sep 2012 22:09:23 +0200 X-Google-Sender-Auth: KpA_Ufil8V4wmk4YQRXcnRAJ6hs Message-ID: From: =?ISO-8859-1?Q?Ermal_Lu=E7i?= To: Gleb Smirnoff Content-Type: text/plain; charset=ISO-8859-1 Cc: pf@freebsd.org, net@freebsd.org Subject: Re: [HEADS UP] merging projects/pf into head X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Sep 2012 20:09:25 -0000 Hi Gleb, On Wed, Sep 5, 2012 at 1:51 PM, Gleb Smirnoff wrote: > Hi! > > [announce goes both to net@ and pf@, but any discussion should > go on on pf@FreeBSD.org only, please] > > As you already may now, last half a year I've been working on > making pf SMP-scalable and faster in general. More info can be > found here: > > http://lists.freebsd.org/pipermail/freebsd-pf/2012-June/006643.html > http://lists.freebsd.org/pipermail/freebsd-pf/2012-June/006662.html > > Since that announce in June, I've been running experimental code for > more than 2 months in production on several routers. Also, some brave > people volunteered to be beta-testers and also run the experimental > branch in last couple of months. Code proved to be stable enough. > > The new code performs better in production: less CPU load, less > jitter, more responsive system under high load. It performs better > under synthetic benchmarks like random generated UDP flood. It > performs much better when DoS comes in. > Its good to see results on your work and is good moving forward. Claiming better behavior, under DoS or other comparison without showing any data or technical reason is a bit over this RFC. > Thus, I plan to merge projects/pf/head to head this weekend, and > this is a HEADS UP email! You have been warned. :) > > What I'd like to do next: > > 1) Move pf out of contrib. I do not see a reason behind this, any particular reason? > 2) Refactor the pfvar.h into pf.h and pf_var.h. Provide stable > kernel<->pfctl ABI. And probably other clean up tasks. Just this reason is a bit contradictory with 1) above! Let alone what does this mean to the user?! Nothing? They are after syntax stability, not breaking their machines on upgrade, ABI is nothing to them. Please reconsider the option of renaming the import and allowing both ports to coexist. Than you can have your changes going through. Regards, Ermal