Date: Sat, 2 Apr 2005 01:43:59 +0200 From: Max Laier <max@love2party.net> To: freebsd-pf@freebsd.org Subject: Re: Upgrading pf in time for 5.4? Message-ID: <200504020144.06555.max@love2party.net> In-Reply-To: <1112397975.25570.80.camel@localhost.localdomain> References: <1112397975.25570.80.camel@localhost.localdomain>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart1286842.aROsGkjEgh Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Saturday 02 April 2005 01:26, R. Tyler Ballance wrote: > I'm about halfway through with slugging through the changes from > OPENBSD_3_5 -> OPENBSD_3_6 to packet filter code, and i'm wondering if > (a) i'm going about it the "right" way, and (b) if it's worth devoting > more time to (my employer (texas A&M) is allowing me to work on it at > work ;)) to get some patches done before 5.4-RELEASE I don't think there is much gain in doing the 3.6 pull-up now, with 3.7=20 branched and almost out of the door. I am going to look at pulling 3.7 int= o=20 =46reeBSD-CURRENT by the time 3.7 is official (May, 1st as of now). > From our standpoint, we'd stand a good bit to gain if the code was > updated, given the rule optimizations that have been added to pf from > 3_5->3_6 and a few other changes (i'm still hoping for if_bridge.* to be > ported over soon ;)) The latter is certainly a more pushing project - IMO. If your employer wou= ld=20 sponsor you some time for that - that'd be perfect. Talk to Bruce (bms@) w= ho=20 has been working with some people to get this in. What is needed the most = at=20 this point is *proper* testing and performance analysis wrt. the current=20 bridge.c implementation. Could you dig up some resources for that? > So, how long might I have to wrap it up, and any suggestions on how the > "right way" would be (just to make sure i'm not wasting a lot of time > here ;)) Judging from my experience (and provided you are reasonably familiar with t= he=20 code) you can do an import in <1week. You should spend another week fixing= =20 the apparent bugs and introducing infrastructure that is required. The=20 "right way" to go - IMHO - would be to get a cvsrepo and import the OpenBSD= =20 vendor source into it (some CVS-foo required for this step). This will hel= p=20 you with the trivia. Then you start working from there ... get back to me = on=20 private mail on/after Tuesday, I will then start the dance with the current= ly=20 available 3.7 code to see what issues we are looking at and I can sure use = a=20 second pair of eyes - if you are up for that. As for 5.4R - that's done and over. No new code (esp. as big as a pf pull-= up)=20 will go into it anymore. And - as a pf pull-up will mess with API/ABI - it= =20 won't even go to RELENG_5 afterwards. However, as I said several times=20 before, I plan to make it easy to do a pull-up from FreeBSD-CURRENT to=20 RELENG_5 and am committed to support this option if it proves easy enough. =2D-=20 /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News --nextPart1286842.aROsGkjEgh Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQBCTdzGXyyEoT62BG0RAkfRAJ97h4kwgy3mY407SJrzmfb3vo+avACeLBcg nwlIhiramVVcSW9qXWIDTnc= =NNet -----END PGP SIGNATURE----- --nextPart1286842.aROsGkjEgh--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200504020144.06555.max>