From owner-freebsd-questions@FreeBSD.ORG Wed Sep 21 08:17:09 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8FBFB106566B for ; Wed, 21 Sep 2011 08:17:09 +0000 (UTC) (envelope-from kraduk@gmail.com) Received: from mail-gy0-f182.google.com (mail-gy0-f182.google.com [209.85.160.182]) by mx1.freebsd.org (Postfix) with ESMTP id 4D7FA8FC16 for ; Wed, 21 Sep 2011 08:17:08 +0000 (UTC) Received: by gyf2 with SMTP id 2so1217920gyf.13 for ; Wed, 21 Sep 2011 01:17:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=Z4NlNu2nq8HCWYVln02ZXxHTdt6NwQLcbUW3nCif0ik=; b=kO4a/eJ7wTNNPqMoSoI/QRfRvYCNrnhjVOIAzWjpUSdt2BPCfz/yBgJoD6/6LFoFXk EAQv1s12XkCqqSmrwOkFcYRWV0xQE5/kSSYQ1yU4WJlb68wDt5CjFR47btH8BpReJHR/ 2CjLyeWrOvciBsn+SADQ3su58I3ZhYnHbsh8s= MIME-Version: 1.0 Received: by 10.236.77.104 with SMTP id c68mr2973151yhe.69.1316593028513; Wed, 21 Sep 2011 01:17:08 -0700 (PDT) Received: by 10.236.105.166 with HTTP; Wed, 21 Sep 2011 01:17:08 -0700 (PDT) In-Reply-To: <4E799ADB.2090301@infracaninophile.co.uk> References: <4E799390.2040303@infracaninophile.co.uk> <4E799ADB.2090301@infracaninophile.co.uk> Date: Wed, 21 Sep 2011 09:17:08 +0100 Message-ID: From: krad To: Matthew Seaman Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: FreeBSD Questions , Modulok Subject: Re: How to find out which version of PF a given box is using... X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Sep 2011 08:17:09 -0000 On 21 September 2011 09:05, Matthew Seaman wrote: > On 21/09/2011 08:34, Matthew Seaman wrote: > > On 21/09/2011 07:34, Modulok wrote: > >> Is there an easy way to find out what version of PF a given FreeBSD > version is > >> using? Currently I'm doing this: > >> > >> grep -iE '\bpf\b' /usr/src/UPDATING > >> > >> Just wondering if I'm missing something. I didn't see any '--version' > >> flag in pfctl. > > > > Uh -- bpf is a different thing to PF. bpf is Berkeley Packet Filter > > which isn't anything to do with firewalling, but used eg. by tcpdump to > > select certain packets from the wire. As far as I know, bpf doesn't > > have a separate version number; it just uses the OS version number. > > It's been part of BSD Unices since dinosaurs roamed the earth. > > One of these days I'll learn not to send e-mail before coffee. Please > ignore the above -- red herring. > > > PF is the firewalling code imported from OpenBSD. Again, it's part of > > the base system in OpenBSD so it just uses the OpenBSD version number. > > Every so often there will be a new import from OpenBSD -- I believe most > > released versions of FreeBSD are using PF from OpenBSD 4.2, but there is > > an update to OpenBSD 4.mumble in the works for the upcoming FreeBSD 9.0 > > release. You'ld have to check the commit history in CVS or SVN to be > sure. > > In fact, the last import listed as such in the CVS history was from > OpenBSD 4.1 but that was around 2007 when FreeBSD was on version 6.x -- > long time ago. There's been plenty of updates since (which, IIRC, made > the FreeBSD code pretty much equivalent to what is in OpenBSD 4.2), but > no wholesale reimport until about 2 months ago, when OpenBSD 4.5 code > was imported into head. > > http://svnweb.freebsd.org/base?view=revision&revision=223637 > > AFAIK, that is not a candidate for MFC to stable/8 or earlier, as it > modifies KBIs. > > Cheers, > > Matthew > > -- > Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard > Flat 3 > PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate > JID: matthew@infracaninophile.co.uk Kent, CT11 9PW > > If its been syncd to openbsd 4.5 version of pf, its still quite a way behind openbsd's version in the latest release as they are not on 4.9 with 5.0 imminent. Looking at the docs there were quite a lot of changes when openbsd was bumped to 4.7