From owner-freebsd-questions@FreeBSD.ORG Sun Jul 20 15:38:33 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2ED0E339; Sun, 20 Jul 2014 15:38:33 +0000 (UTC) Received: from host64.kissl.de (host64.kissl.de [213.239.241.64]) by mx1.freebsd.org (Postfix) with ESMTP id E01E32ECE; Sun, 20 Jul 2014 15:38:32 +0000 (UTC) Received: from localhost (localhost.localdomain [127.0.0.1]) by host64.kissl.de (Postfix) with ESMTP id 1B025A5A6189; Sun, 20 Jul 2014 17:38:25 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at host64.kissl.de Received: from host64.kissl.de ([127.0.0.1]) by localhost (host64.kissl.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kRaN-ieantYU; Sun, 20 Jul 2014 17:38:25 +0200 (CEST) Received: from [192.168.0.11] (95-91-220-47-dynip.superkabel.de [95.91.220.47]) (Authenticated sender: web104p1) by host64.kissl.de (Postfix) with ESMTPSA id BBB93A5A6169; Sun, 20 Jul 2014 17:38:24 +0200 (CEST) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\)) Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? From: Franco Fichtner In-Reply-To: <201407200939020335.0017641F@smtp.24cl.home> Date: Sun, 20 Jul 2014 17:38:23 +0200 Content-Transfer-Encoding: 7bit Message-Id: <788274E2-7D66-45D9-89F6-81E8C2615D14@lastsummer.de> References: <53C706C9.6090506@com.jkkn.dk> <6326AB9D-C19A-434B-9681-380486C037E2@lastsummer.de> <53CB4736.90809@bluerosetech.com> <201407200939020335.0017641F@smtp.24cl.home> To: "Mike." X-Mailer: Apple Mail (2.1878.6) Cc: freebsd-current@freebsd.org, freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 Jul 2014 15:38:33 -0000 On 20 Jul 2014, at 15:39, Mike. wrote: > imho, the root problem here is that an effort to implement a single > feature improvement (multi-threading) has caused the FreeBSD version > of pf to apparently reach a near-unmaintainable position in the > FreeBSD community because improvements from OpenBSD can no longer be > ported over easily. FreeBSD's pf has been put in a virtual > isolation chamber due to the multi-threaded enhancement. > > Was it worth it? Yes. This happened *three times* in BSD land now. How much more proof does it take to make that clear? FWIW, I'm still volunteering, but I think the direction this discussion is going is that there is no clear direction, which makes this a tad less effective than it could be. ;) Cheers, Franco