From owner-freebsd-questions@FreeBSD.ORG Sun Jul 20 21:40:58 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 40B81F50; Sun, 20 Jul 2014 21:40:58 +0000 (UTC) Received: from orthanc.ca (orthanc.ca [IPv6:2607:f2f8:abf8::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "orthanc.ca", Issuer "orthanc.ca CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id F41782F2B; Sun, 20 Jul 2014 21:40:57 +0000 (UTC) Received: from [192.168.42.6] (d66-183-221-35.bchsia.telus.net [66.183.221.35]) (authenticated bits=0) by orthanc.ca (8.14.7/8.14.7) with ESMTP id s6KLegEY060584 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Sun, 20 Jul 2014 14:40:52 -0700 (PDT) (envelope-from lyndon@orthanc.ca) Content-Type: multipart/signed; boundary="Apple-Mail=_4B12DBBC-CA02-4A2A-B034-04B4192E48D3"; protocol="application/pgp-signature"; micalg=pgp-sha1 Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\)) Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? From: Lyndon Nerenberg In-Reply-To: Date: Sun, 20 Jul 2014 14:40:37 -0700 Message-Id: References: <53C706C9.6090506@com.jkkn.dk> <20140718110645.GN87212@FreeBSD.org> <20140718151255.b3e677d9.gerrit.kuehn@aei.mpg.de> <53CA2D39.6000204@sasktel.net> <20140720123916.GV96250@e-new.0x20.net> To: Daniel Feenberg X-Mailer: Apple Mail (2.1878.6) X-Spam-Status: No, score=0.4 required=5.0 tests=RDNS_DYNAMIC autolearn=no autolearn_force=no version=3.4.0 X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on orthanc.ca Cc: FreeBSD current , FreeBSD Mailing List X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 Jul 2014 21:40:58 -0000 --Apple-Mail=_4B12DBBC-CA02-4A2A-B034-04B4192E48D3 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii On Jul 20, 2014, at 11:35 AM, Daniel Feenberg wrote: > Rather they have said "An updated pf would not be > suitable, as it would be incompatible with existing configuration = files". A major FreeBSD version increment is allowed to break that level of = backwards compatibility. Nothing prevents this from being incorporated = into 11.x. The only real concern would be removing existing core functionality as = part of the update. For that you want to provide at least one major = release cycle for people up migrate. Comparing pf on my current OpenBSD = machines vs. the FreeBSD 10.x pf, that doesn't seem to be an issue. --lyndon --Apple-Mail=_4B12DBBC-CA02-4A2A-B034-04B4192E48D3 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP using GPGMail -----BEGIN PGP SIGNATURE----- iQIcBAEBAgAGBQJTzDdVAAoJEG8PnXiV/JnUP7wP/iaHgRf29cfR4bHHATs4HR8J WW2BSKp4/SyoA7oMYvOnN8QF/IA3x30NRI93VBtxwUZbFbEETvKtb/Y2/E0kZVB4 UcC8PyZ8lr+kQQY+1voAAp6dvI0Fm6KEojitYEuPo6GXSjyhYJcz+3TlfBjFZT8r qP6XQJD4gb3tXlfdO9Qzcvyvaa2YCCF9qp8SmeM4ynYhTr0G0geT2rKnegm8hvXw 2JglUiisAIregxf6gnabxKoPj0pNiWCnTkKJxWUeA45j4Gz123Q7fnd0YTUl3L3w tMQg+Dt0U3cq9+ACr0Hpw5rRjtgEnkXZdvgK8fCx88wdts0VRJUdkP9JX0bi5SpV X5Tr5EC8QalkWDsZRc/lWwL/xH21F/heifqbasgpVyzcIARxCKqZuMbQaMwICZd3 wGIlt5GV4kjdOGLeqFxM7A7m/qinmhDBVfi3yhqVfOdfCYuDF4fcQ6QhhI9YZm9R KmJsaejKguBFOTjQu3sVopmBlxXTvS8I+TV44ih1zKZ7kNX8zKJSAO2JYwxVi0jD ZIafvDBTNZOrtz6QGGJh0f1SmplfajapYYlg6wPXjqhdeRLzGZH0/EfBFdFofuKe 38DC4aoUkyO7reeLECL6U1HvCLoGUmLqIt+uQviaxIkcNTxUZjaBQ0Zjz+0SwC1d eETuZZRLPOQTsZW0Fb8s =Wq6E -----END PGP SIGNATURE----- --Apple-Mail=_4B12DBBC-CA02-4A2A-B034-04B4192E48D3--