Date: Sat, 24 Nov 2012 14:11:32 -0000 From: "Paul Webster" <paul.g.webster@googlemail.com> To: freebsd-current@freebsd.org Subject: Re: Upgrading FreeBSD to use the NEW pf syntax. Message-ID: <op.wn961ikajfousr@box.dlink.com> In-Reply-To: <CAPBZQG35frdf3FN-Wuv18e5jgYfR4Ue_AUW-wyNTP-7kGnefUA@mail.gmail.com> References: <op.wn1vktomjfousr@box.dlink.com> <CAPBZQG2R%2BLXTo8xXZNhfWg%2BS4wtkDc1cAuhoHqdgyiGDGZuXOw@mail.gmail.com> <CAEW%2BogbUkHTaef98=CusV%2BV3qTFHqj-7x-_icKaom_0d2gv69g@mail.gmail.com> <201211201543.17903.Mark.Martinec%2Bfreebsd@ijs.si> <20121121075642.GR67660@FreeBSD.org> <CAPBZQG2-uDFm67NtYOQ3vV7Xh_3zzMMPr441DqnV7tOyViF4Lg@mail.gmail.com> <20121121145240.GE67660@glebius.int.ru> <CAPBZQG35frdf3FN-Wuv18e5jgYfR4Ue_AUW-wyNTP-7kGnefUA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I only really need one question answered in honesty; I personally think that by forking our own version of PF we have = essentially made something totally different to what everyone wants to = use. Which is fine, but because of that development of new features have= = dropped behind. If we had kept up with OpenBSD's version even if we trailed it by one = MAJOR release; at least part of the development would have been done. So now we end up in a situation where we have these firewalls, = IPFW2,ipf,pf(modded) and users wanting the newer features of OpenBSD's p= f. = So timewise the fork of pf may have actually cost more in time rather th= an = less. I don't however think the 'solution' to the problem is just to say no to= = the userbase by not even trying to port across the newer pf. I think we = = should look at bringing it across, slowly and seeing what the uptake is = = like; in a few MAJOR releases we can start to look at which of the = firewalls realistically are not used that much and should be deprecated.= On Wed, 21 Nov 2012 15:20:19 -0000, Ermal Lu=E7i <eri@freebsd.org> wrote= : > On Wed, Nov 21, 2012 at 3:52 PM, Gleb Smirnoff <glebius@freebsd.org> = > wrote: > >> On Wed, Nov 21, 2012 at 03:44:13PM +0100, Ermal Lu?i wrote: >> E> Cherry-picking would be when tehre is reasonable similarities. >> E> Also another argument to do this would be simplicity on locking as= = >> well >> as >> E> i told you when you started the changes. >> >> You were wrong. OpenBSD doesn't move towards SMP model. Locking more >> recent pf is not simplier, but the opposite. >> >> > I am sorry but you are asking arguments i already have given you. > You didn;t listen once and i do not expect this time as well. > > >> E> Though i am open to work together on this to merge the new syntax >> thorugh a >> E> whole bulk merge rather than cherry-pick. >> >> How many bugs have you closed after the previous bulk import? Why sho= uld >> we expect anything good from new import if the previous one was a PIT= A? >> >> > Well you have used it for your work so it was not so PITA. > Most of the ones you closed had message 'This is to old to be true'; '= I > have re-written PF and this should be fixed'. > > >> And still I don't see any answer on the question: what exact features= or >> perfomance improvements are we going to obtain from "the new pf"? >> >> > See above. > > >> E> You already have 'broken' some functionality as if-bound in FreeBS= D >> 10.x so >> >> Is there any PR filed on that? I didn't even receive a mail about tha= t. >> >> > I really do not think you do the right approach or the right = > communication > on this. > Sorry for replying to you ;). > > >> -- >> Totus tuus, Glebius. >> > > > -- = Using Opera's revolutionary email client: http://www.opera.com/mail/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?op.wn961ikajfousr>