From owner-freebsd-pf@FreeBSD.ORG Sat Dec 6 02:35:00 2014 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0DA41F7A for ; Sat, 6 Dec 2014 02:35:00 +0000 (UTC) Received: from forward20.mail.yandex.net (forward20.mail.yandex.net [IPv6:2a02:6b8:0:1402::5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "forwards.mail.yandex.net", Issuer "Certum Level IV CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id B6F24DA1 for ; Sat, 6 Dec 2014 02:34:59 +0000 (UTC) Received: from web21g.yandex.ru (web21g.yandex.ru [95.108.253.230]) by forward20.mail.yandex.net (Yandex) with ESMTP id 2E8B01042363 for ; Sat, 6 Dec 2014 05:34:56 +0300 (MSK) Received: from 127.0.0.1 (localhost [127.0.0.1]) by web21g.yandex.ru (Yandex) with ESMTP id BD126CC0661; Sat, 6 Dec 2014 05:34:55 +0300 (MSK) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.com; s=mail; t=1417833295; bh=+wgejC3d/Jsvn85MnVZuoSUhRY3YlAJ/MqFa3PPVP8o=; h=From:To:Subject:Date; b=EuomXrDKzgJyUnXgc4e5nLQiJWKo/rvjeDErg5zF2jHQmPjfm4sBWyxUKznFXT/AD 7YRrd5NyyGsqWOJnpsScTxY1dQCdu3rGxUh/PNUJZVrC4XYltWWmBkwTkgjxBoUNom SvBdPJ+dt1xJy/bnoDGjWZVR+nL5WmobJNOaBPX4= Received: from 108.61.122.87.choopa.net (108.61.122.87.choopa.net [108.61.122.87]) by web21g.yandex.ru with HTTP; Sat, 06 Dec 2014 05:34:55 +0300 From: Martin Hanson To: freebsd-pf@freebsd.org Subject: FOLLOW-UP MIME-Version: 1.0 Message-Id: <363021417833295@web21g.yandex.ru> X-Mailer: Yamail [ http://yandex.ru ] 5.0 Date: Sat, 06 Dec 2014 03:34:55 +0100 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Dec 2014 02:35:00 -0000 Okay, this part "Has any important bugs been fixed in PF on OpenBSD since the current port in FreeBSD that actually makes the current PF in FreeBSD "dangerous" to run with?" was actually a really stupid question! The.. http://svnweb.freebsd.org/base/vendor-sys/pf/4.5.002/?view=log .. shows that the last import was for tag 4.5.002 5 years and 3 month ago! Going back to that time in the OpenBSD CVS log and then scrolling up until present day shows quite a bunch of REALLY important fixes! I am NOT talking about the changes made by the OpenBSD guys, just bug and error fixes! http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/net/pf.c Problems that can cause kernel crashes, fixes for PF crashing faults, out-of-memory errors, leak of states, and a whole lot of other important stuff. Nobody in their right mind would run the current version of PF on FreeBSD! I am sorry, but how can someone be so stupid as to get a whole bunch of new features into a product that seriously needs upgrading first!? Whats going on FreeBSD? You used to be all about quality, now you're all about "bleeding edge features" and don't give a s*** about the rest? Linux can get away with that crap ONLY because such a huge bunch of people and organisations are running and supporting it, they have a LOT of people developing stuff and fixing stuff really quick, FreeBSD haven't got that user base! It needs to be about quality over features! Like in the good old 4.x and 5.x days! Martin