From owner-freebsd-pf@FreeBSD.ORG Tue Nov 20 03:22:54 2012 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 36053C7F for ; Tue, 20 Nov 2012 03:22:54 +0000 (UTC) (envelope-from paul.g.webster@googlemail.com) Received: from mail-wi0-f178.google.com (mail-wi0-f178.google.com [209.85.212.178]) by mx1.freebsd.org (Postfix) with ESMTP id B0E8F8FC12 for ; Tue, 20 Nov 2012 03:22:53 +0000 (UTC) Received: by mail-wi0-f178.google.com with SMTP id hm6so465930wib.13 for ; Mon, 19 Nov 2012 19:22:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:to:cc:subject:references:date:mime-version :content-transfer-encoding:from:organization:message-id:in-reply-to :user-agent; bh=h/T/LRIOLS0RRQI7kIkkAUjfw+s7x6wQbkr7sty2Yb8=; b=O+jjuycdK7vUsrevZZNE9JUvX8PEb+d+J1EHqECc+NBhV/sSRppWJfrUm0XkJetMqk OMzJgxnoN7yb7ywAnO1N2bnutGJIr9CqnvX6qkJcbXvljJFXmntLbLLSO/8cbIxmrA0d YqHEyLlTUk8R+/WXx53iqGkhX7F9ikokQJP7uYdDAeOUGTIgcdw4lP9VQxdaNnkjPaFc 1chLez8s2kvkPuU1e4G+vNGLpZTA8srJVcp/yQVzTyo9lCGA2F+bl8AMuMnccDOSHvt9 3rzSO53kAz4vjrL7NDTMvwJ2E7khFK3KsPG6DYqHlg7lrxbF4dEGdZDzWxuAQm8R4nbl mt1Q== Received: by 10.216.73.4 with SMTP id u4mr1280755wed.195.1353381767611; Mon, 19 Nov 2012 19:22:47 -0800 (PST) Received: from box.dlink.com (host-78-149-58-39.as13285.net. [78.149.58.39]) by mx.google.com with ESMTPS id bz12sm3017825wib.5.2012.11.19.19.22.46 (version=TLSv1/SSLv3 cipher=OTHER); Mon, 19 Nov 2012 19:22:47 -0800 (PST) Content-Type: text/plain; charset=iso-8859-15; format=flowed; delsp=yes To: "Chris Buechler" Subject: Re: Upgrading FreeBSD to use the NEW pf syntax. References: Date: Tue, 20 Nov 2012 03:22:46 -0000 MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: "Paul Webster" Organization: Interflective Group Message-ID: In-Reply-To: User-Agent: Opera Mail/12.11 (Win64) Cc: "freebsd-pf@freebsd.org" X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Nov 2012 03:22:54 -0000 Just out of interest, option 3) does not entirely dismiss using the pf2-* chain of kernel options for developing using the new pf tree; sure it would be alot of work but just 'how much' would be required; Our own fork after all means that everything is created from scratch and as its 'vastly different' from the OpenBSD version surely that will also require a vast amount of time. I should probably point that doing both at the same time would by sane observation mean two projects requiring a vast amount of time; but if enough people support the 'pf2' chain then in conjunction with the fact that we should be able to borrow some of the code from OpenBSD, maybe it would be worth the sacrifice. Time will tell which one becomes the more popular. On Tue, 20 Nov 2012 03:02:40 -0000, Chris Buechler wrote: > On Mon, Nov 19, 2012 at 8:23 PM, Paul Webster > wrote: >> Good day all, >> >> I am aware this is a much discussed subject since the upgrade of PF, I >> believe the final decision was that to many users are used to the old >> style pf and an upgrade to the new syntax would cause to much confusion. >> >> There was a recent debate on ##freebsd about this issue and I was >> inclined >> to mail in and get your opinions; basically it boiled down to the >> majority >> of users wanting either: >> >> 1) To move to the newer pf and just add to releases notes what had >> happened, >> and >> 2) my own personal opinion: creating 'pf2-*' as a kernel option tree, >> basically using the newer pf syntax and allowing users to choose. >> > > The line in the sand has been drawn with the SMP-friendly PF now in > HEAD. The reality is seeming to be option 3) FreeBSD pf is drastically > different and will be a fork from this point, as those SMP changes > make future merges impossible without redoing a whole lot of work. > There was some discussion and regrets here that it wasn't brought up > to the most recent pf before doing all that work, but it's done and > committed at this point. There was a good deal of discussion here at > that time, check this list's archive from earlier this year. -- Using Opera's revolutionary email client: http://www.opera.com/mail/