From owner-freebsd-pf@FreeBSD.ORG Tue Nov 20 06:46:48 2012 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 05C5AFC8 for ; Tue, 20 Nov 2012 06:46:48 +0000 (UTC) (envelope-from odhiambo@gmail.com) Received: from mail-ie0-f182.google.com (mail-ie0-f182.google.com [209.85.223.182]) by mx1.freebsd.org (Postfix) with ESMTP id BB7EA8FC13 for ; Tue, 20 Nov 2012 06:46:47 +0000 (UTC) Received: by mail-ie0-f182.google.com with SMTP id s9so1910021iec.13 for ; Mon, 19 Nov 2012 22:46:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=rLHBpRJfc/JuBeWiXOh7cGa8glfR337gLrhBmy5luAM=; b=i+kI0pVZXUO52kPRVQqFwIKrswrVTYVXFiY85TOE3PRhqENk6TDFaq4gJZtBtaogfS R3+C0ZeqEbWQzdOu+DEROsRZl0r1kbNbPTIrNZ5PUoMPyy2UeCwbNwXomw7DdrySa1s9 I3CKpycZaZhvQBdWKhuBZrJOfFETcpuBKIpfz0A9XMc5mAlSJDOQ8wbh/INWbtPumCh7 BC+gGjsdRLuuhGc1Ov5WmSm0mAPiwVvwD78JzwMdCiodKbf833gYhAZBqgFwBAxrj3F/ bySp5Wlye7fwkLLLf5OmoHQm709iGnuR7YsjmzksCRPfYSHPhcNmwO3rxkMNx7Of+qOp pUBg== Received: by 10.50.13.133 with SMTP id h5mr9035232igc.2.1353394007022; Mon, 19 Nov 2012 22:46:47 -0800 (PST) MIME-Version: 1.0 Received: by 10.42.60.6 with HTTP; Mon, 19 Nov 2012 22:46:06 -0800 (PST) In-Reply-To: References: From: Odhiambo Washington Date: Tue, 20 Nov 2012 09:46:06 +0300 Message-ID: Subject: Re: Upgrading FreeBSD to use the NEW pf syntax. To: Paul Webster Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 Cc: freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Nov 2012 06:46:48 -0000 On Tue, Nov 20, 2012 at 5:23 AM, Paul Webster wrote: > Good day all, > > I am aware this is a much discussed subject since the upgrade of PF, I > believe the final decision was that to many users are used to the old > style pf and an upgrade to the new syntax would cause to much confusion. > > There was a recent debate on ##freebsd about this issue and I was inclined > to mail in and get your opinions; basically it boiled down to the majority > of users wanting either: > > 1) To move to the newer pf and just add to releases notes what had > happened, > and > 2) my own personal opinion: creating 'pf2-*' as a kernel option tree, > basically using the newer pf syntax and allowing users to choose. > > I would be interested to know the feedback from you guys as to be honest > there seems to be quite a few users who actually DO want the new style > format and functionality that comes with. > > I Attached the log of the conversation just for reference. > > It's been difficult enough to maintain PF on FreeBSD because of the time needed to be invested in the FreeBSD port. This situation remains to date, from what I understand. I guess someone can look at how many bugs/feature requests still remain open for PF on FreeBSD. I therefore feel that whoever wants to run PF should use a dedicated OpenBSD box as a firewall/whatever they use PF for. There is really no point trying to make FreeBSD be OpenBSD when it comes to such requirements. Look at the advantages of "separation of power" - give to OpenBSD the fireallpower and FreeBSD the serverpower. In keeping with the K.I.S.S principle, please let anyone needing new PF syntax just use OpenBSD. My humble opinion. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ I can't hear you -- I'm using the scrambler.