From owner-freebsd-current@FreeBSD.ORG Sat Nov 24 14:11:35 2012 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id E8659B3E for ; Sat, 24 Nov 2012 14:11:34 +0000 (UTC) (envelope-from paul.g.webster@googlemail.com) Received: from mail-wg0-f50.google.com (mail-wg0-f50.google.com [74.125.82.50]) by mx1.freebsd.org (Postfix) with ESMTP id 6B8358FC0C for ; Sat, 24 Nov 2012 14:11:33 +0000 (UTC) Received: by mail-wg0-f50.google.com with SMTP id 12so5101366wgr.31 for ; Sat, 24 Nov 2012 06:11:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:to:subject:references:date:mime-version :content-transfer-encoding:from:organization:message-id:in-reply-to :user-agent; bh=E2oGWdkTZeoFiI8jrG1YFqrt6mEaLZeR0w6hcJ5Ho6k=; b=C54z/780la2zbBEXzWAHtVx5WqzPm4a+yxMK2UUMScWpHGZw0trZAU9m6vnTGRUjhC hcPKDM+YdRvrnhCL2UfybDqnqo+rfZTbgltyA9ID5hr1h3RaIXG5JZnG9EjNx3QsL7p1 hQQOyySnZD4ah9iLTAu5e4tL4MqorO38XFBx/lyAH1ihFtClM2aFO/TM/hL7eOheg4+R 991Rgzv9NY4IjADEGUFbRdvIDGbWpUlB86MO4sWURLVlyuu6zkb52MjuAzLJvi3IjTjh TVe9yqbGHoNa4CkmU+/l21P9aAhjpqzzDgbTAe9vY67qUWQY69ayh6HuuNUguMadAhxK wDvA== Received: by 10.216.195.225 with SMTP id p75mr2658105wen.8.1353766293062; Sat, 24 Nov 2012 06:11:33 -0800 (PST) Received: from box.dlink.com (host-78-149-65-188.as13285.net. [78.149.65.188]) by mx.google.com with ESMTPS id gz3sm12858491wib.2.2012.11.24.06.11.31 (version=TLSv1/SSLv3 cipher=OTHER); Sat, 24 Nov 2012 06:11:32 -0800 (PST) Content-Type: text/plain; charset=iso-8859-15; format=flowed; delsp=yes To: freebsd-current@freebsd.org Subject: Re: Upgrading FreeBSD to use the NEW pf syntax. References: <201211201543.17903.Mark.Martinec+freebsd@ijs.si> <20121121075642.GR67660@FreeBSD.org> <20121121145240.GE67660@glebius.int.ru> Date: Sat, 24 Nov 2012 14:11:32 -0000 MIME-Version: 1.0 Content-Transfer-Encoding: Quoted-Printable From: "Paul Webster" Organization: Interflective Group Message-ID: In-Reply-To: User-Agent: Opera Mail/12.11 (Win64) X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 Nov 2012 14:11:35 -0000 I only really need one question answered in honesty; I personally think that by forking our own version of PF we have = essentially made something totally different to what everyone wants to = use. Which is fine, but because of that development of new features have= = dropped behind. If we had kept up with OpenBSD's version even if we trailed it by one = MAJOR release; at least part of the development would have been done. So now we end up in a situation where we have these firewalls, = IPFW2,ipf,pf(modded) and users wanting the newer features of OpenBSD's p= f. = So timewise the fork of pf may have actually cost more in time rather th= an = less. I don't however think the 'solution' to the problem is just to say no to= = the userbase by not even trying to port across the newer pf. I think we = = should look at bringing it across, slowly and seeing what the uptake is = = like; in a few MAJOR releases we can start to look at which of the = firewalls realistically are not used that much and should be deprecated.= On Wed, 21 Nov 2012 15:20:19 -0000, Ermal Lu=E7i wrote= : > On Wed, Nov 21, 2012 at 3:52 PM, Gleb Smirnoff = > wrote: > >> On Wed, Nov 21, 2012 at 03:44:13PM +0100, Ermal Lu?i wrote: >> E> Cherry-picking would be when tehre is reasonable similarities. >> E> Also another argument to do this would be simplicity on locking as= = >> well >> as >> E> i told you when you started the changes. >> >> You were wrong. OpenBSD doesn't move towards SMP model. Locking more >> recent pf is not simplier, but the opposite. >> >> > I am sorry but you are asking arguments i already have given you. > You didn;t listen once and i do not expect this time as well. > > >> E> Though i am open to work together on this to merge the new syntax >> thorugh a >> E> whole bulk merge rather than cherry-pick. >> >> How many bugs have you closed after the previous bulk import? Why sho= uld >> we expect anything good from new import if the previous one was a PIT= A? >> >> > Well you have used it for your work so it was not so PITA. > Most of the ones you closed had message 'This is to old to be true'; '= I > have re-written PF and this should be fixed'. > > >> And still I don't see any answer on the question: what exact features= or >> perfomance improvements are we going to obtain from "the new pf"? >> >> > See above. > > >> E> You already have 'broken' some functionality as if-bound in FreeBS= D >> 10.x so >> >> Is there any PR filed on that? I didn't even receive a mail about tha= t. >> >> > I really do not think you do the right approach or the right = > communication > on this. > Sorry for replying to you ;). > > >> -- >> Totus tuus, Glebius. >> > > > -- = Using Opera's revolutionary email client: http://www.opera.com/mail/