From owner-freebsd-current@FreeBSD.ORG  Thu Jul 24 18:48:43 2014
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id B4B75628;
 Thu, 24 Jul 2014 18:48:43 +0000 (UTC)
Received: from mail.feld.me (mail.feld.me [66.170.3.6])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mail.feld.me", Issuer "Gandi Standard SSL CA" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 51B262A5E;
 Thu, 24 Jul 2014 18:48:43 +0000 (UTC)
Received: from mail.feld.me (mail.feld.me [66.170.3.6]);
 by mail.feld.me (OpenSMTPD) with ESMTP id d0cc3911;
 Thu, 24 Jul 2014 13:48:42 -0500 (CDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=feld.me; h=content-type
 :mime-version:subject:from:in-reply-to:date:cc
 :content-transfer-encoding:message-id:references:to:sender; s=
 blargle2; bh=GbZwzKKktnjIYDnqMY7PFIspQ8U=; b=yhg8lN/5UvM55vkemsD
 j/9N3SExI0+M5BZQPgy6z7hDy4txTY6bHvBxPdalt9FhQnrnnMo6CvfvE6YAdW4x
 1zlJ58/Ti03gi3GBPPHXiHEX11AMEnNu3KeoGj0veg0/CkS10cLPdqmWgPUEgkNw
 8kRirrACstl3r38xxb0rYKMv7bVIA0fft6tlq9e6Ct9+VZoGvNGuh/0KTV3KtoBk
 MMbSz3R3RBVIj5ThA2dGLrpsG+7SuKX+ZyobvzObj2T2j9fkr7F/nr53gD56AhWC
 cQG6UDWONaSB7fOdzIkL3rGcy6HGcvjx08bnUtulEZt4Qdb7XNEMlH3V5CHaGrML
 OIQ==
DomainKey-Signature: a=rsa-sha1; c=nofws; d=feld.me; h=content-type
 :mime-version:subject:from:in-reply-to:date:cc
 :content-transfer-encoding:message-id:references:to:sender; q=
 dns; s=blargle2; b=S30hXj/rS2K1lEDj2dZnaf+R8p659W7X1tHFlBrLWViAV
 5xc4rWKOsFbLSlZ9ZhfXq/iBDsuCldbjIUtXf9fBgt0HGHvOSFkWKHRQrJb3go3C
 e4nsi9yhlXckU2zK3QWCzi9bEyaYXhYnJXvyKsOOjdYMhuT5u/9SjAfXussNXwiv
 mA9fC5orQMj1vZ3Vj5gzs5XhLk4hY+G6TJ51xvoN4BYaSwsRFNgVPp0vAkVyUCZq
 H/GwOIkLevGE7ZVWu/6sUmIHsx+U3KXwgnsGgNg3GxQS+vY+Usadovkd6jX7RcjC
 0Z8LhSFfhlId7eU7bZoJIsgmE/Bh5o58wub2kuDwA==
Received: from mail.feld.me (mail.feld.me [66.170.3.6]);
 by mail.feld.me (OpenSMTPD) with ESMTP id beecd638;
 Thu, 24 Jul 2014 13:48:42 -0500 (CDT)
Received: from feld@feld.me by mail.feld.me (Archiveopteryx 3.2.0) with
 esmtpa id 1406227721-78987-78985/5/5; Thu, 24 Jul 2014 18:48:41 +0000
Content-Type: text/plain; charset=windows-1252
Mime-Version: 1.0
Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ?
From: Mark Felder <feld@FreeBSD.org>
In-Reply-To: <81B6EE28-692E-4AB4-A4EB-CC6338182D75@FreeBSD.org>
Date: Thu, 24 Jul 2014 13:48:40 -0500
Content-Transfer-Encoding: quoted-printable
Message-Id: <48A2CC93-8A68-4C71-8AD3-43EDABE444CD@FreeBSD.org>
References: <201407231542.s6NFgX4M025370@slippy.cwsent.com>
 <50E4E363-B2C0-4ED7-A0C4-2D7C69FF15B2@lists.zabbadoz.net>
 <53D01DDD.8000806@freebsd.org>
 <C8E4B902-6D98-4A3D-8D32-E72666900054@lists.zabbadoz.net>
 <81B6EE28-692E-4AB4-A4EB-CC6338182D75@FreeBSD.org>
To: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>
X-Mailer: Apple Mail (2.1971.5)
Sender: feld@feld.me
Cc: freebsd-current@freebsd.org, Allan Jude <allanjude@FreeBSD.org>
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
 <freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current/>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
 <mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Jul 2014 18:48:43 -0000


> On Jul 24, 2014, at 13:43, Mark Felder <feld@FreeBSD.org> wrote:
>=20
> Upstream pf from OpenBSD has removed this feature entirely and (I =
believe) reworked their scrubbing, but I don't know the details. I can =
confirm that when reassemble tcp existed on OpenBSD it never broke =
traffic for me.
>=20


I'm wrong; reassemble tcp still exists upstream. I must be thinking of =
something else that has since been removed but exists in our version. Oh =
well.