From owner-freebsd-pf@FreeBSD.ORG Tue Nov 20 04:21:51 2012 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 0FB31A78 for ; Tue, 20 Nov 2012 04:21:51 +0000 (UTC) (envelope-from peter@rulingia.com) Received: from vps.rulingia.com (host-122-100-2-194.octopus.com.au [122.100.2.194]) by mx1.freebsd.org (Postfix) with ESMTP id 724878FC12 for ; Tue, 20 Nov 2012 04:21:49 +0000 (UTC) Received: from server.rulingia.com (c220-239-241-202.belrs5.nsw.optusnet.com.au [220.239.241.202]) by vps.rulingia.com (8.14.5/8.14.5) with ESMTP id qAK4LfSs010594 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Tue, 20 Nov 2012 15:21:41 +1100 (EST) (envelope-from peter@rulingia.com) X-Bogosity: Ham, spamicity=0.000000 Received: from server.rulingia.com (localhost.rulingia.com [127.0.0.1]) by server.rulingia.com (8.14.5/8.14.5) with ESMTP id qAK4LZOe086999 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 20 Nov 2012 15:21:35 +1100 (EST) (envelope-from peter@server.rulingia.com) Received: (from peter@localhost) by server.rulingia.com (8.14.5/8.14.5/Submit) id qAK4LZTL086998; Tue, 20 Nov 2012 15:21:35 +1100 (EST) (envelope-from peter) Date: Tue, 20 Nov 2012 15:21:35 +1100 From: Peter Jeremy To: Paul Webster Subject: Re: Upgrading FreeBSD to use the NEW pf syntax. Message-ID: <20121120042135.GJ38823@server.rulingia.com> References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="nYySOmuH/HDX6pKp" Content-Disposition: inline In-Reply-To: X-PGP-Key: http://www.rulingia.com/keys/peter.pgp User-Agent: Mutt/1.5.21 (2010-09-15) Cc: freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Nov 2012 04:21:51 -0000 --nYySOmuH/HDX6pKp Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2012-Nov-20 02:23:07 -0000, Paul Webster = wrote: >I am aware this is a much discussed subject since the upgrade of PF, I >believe the final decision was that to many users are used to the old >style pf and an upgrade to the new syntax would cause to much confusion. FreeBSD deprecation policies mean that the existing (old) pf syntax would need to be supported for at least the duration of the 9.x branch (and possibly the 10.x branch). >1) To move to the newer pf and just add to releases notes what had >happened, Since the new pf syntax is incompatible with the existing syntax, this would not be acceptable on any stable branch (8.x, 9.x). It could be done on 10.x but the incompatibility would make migrating from 9.x to 10.x harder. >2) my own personal opinion: creating 'pf2-*' as a kernel option tree, >basically using the newer pf syntax and allowing users to choose. This would probably be the preferred option as it would allow users to migrate at their leisure. >I would be interested to know the feedback from you guys as to be honest >there seems to be quite a few users who actually DO want the new style >format and functionality that comes with. My understanding is that there are significant differences in locking between OpenBSD and FreeBSD, which would make porting the new pf non- trivial. New feature requests generally come down to finding the man- power to implement and maintain them. --=20 Peter Jeremy --nYySOmuH/HDX6pKp Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iEYEARECAAYFAlCrBU8ACgkQ/opHv/APuIeIpwCfXIt3PVxKjIQCFVvmfQ1IZbtc Xc0An0KnEh0ZJ15mIjqtMbpXEsTE8f6b =1zV4 -----END PGP SIGNATURE----- --nYySOmuH/HDX6pKp--