Date: Tue, 20 Nov 2012 15:48:03 +0100 From: =?ISO-8859-1?Q?Ermal_Lu=E7i?= <eri@freebsd.org> To: Sami Halabi <sodynet1@gmail.com> Cc: Paul Webster <paul.g.webster@googlemail.com>, "freebsd-pf@freebsd.org" <freebsd-pf@freebsd.org> Subject: Re: Upgrading FreeBSD to use the NEW pf syntax. Message-ID: <CAPBZQG3SSZorVG5tZ-S6zxs8nW%2Bz7kQX3-J2mSKPOHtbq_kFdQ@mail.gmail.com> In-Reply-To: <CAEW%2BogbUkHTaef98=CusV%2BV3qTFHqj-7x-_icKaom_0d2gv69g@mail.gmail.com> References: <op.wn1vktomjfousr@box.dlink.com> <CAAdA2WPLD7MRLTV6Ah57dxDLwK6qaoPfzmWdFO0m%2B2bAd_Xq2Q@mail.gmail.com> <CAPBZQG2R%2BLXTo8xXZNhfWg%2BS4wtkDc1cAuhoHqdgyiGDGZuXOw@mail.gmail.com> <CAEW%2BogbUkHTaef98=CusV%2BV3qTFHqj-7x-_icKaom_0d2gv69g@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Nov 20, 2012 at 9:07 AM, Sami Halabi <sodynet1@gmail.com> wrote: > Hi, > This was actually discussed much before, as I read it would make some > issues with the new pf-smp work done by gleb. > > Not really since Gleb just changed the locking and nothing else. All his work is under the hood. He actually broke if-bound state but that's another story. > Sami > > > On Tue, Nov 20, 2012 at 9:55 AM, Ermal Lu=E7i <eri@freebsd.org> wrote: > >> On Tue, Nov 20, 2012 at 7:46 AM, Odhiambo Washington <odhiambo@gmail.com >> >wrote: >> >> > On Tue, Nov 20, 2012 at 5:23 AM, Paul Webster < >> > paul.g.webster@googlemail.com >> > > wrote: >> > >> > > Good day all, >> > > >> > > I am aware this is a much discussed subject since the upgrade of PF,= I >> > > believe the final decision was that to many users are used to the ol= d >> > > style pf and an upgrade to the new syntax would cause to much >> confusion. >> > > >> > > There was a recent debate on ##freebsd about this issue and I was >> > inclined >> > > to mail in and get your opinions; basically it boiled down to the >> > majority >> > > of users wanting either: >> > > >> > > 1) To move to the newer pf and just add to releases notes what had >> > > happened, >> > > and >> > > 2) my own personal opinion: creating 'pf2-*' as a kernel option tree= , >> > > basically using the newer pf syntax and allowing users to choose. >> > > >> > > I would be interested to know the feedback from you guys as to be >> honest >> > > there seems to be quite a few users who actually DO want the new sty= le >> > > format and functionality that comes with. >> > > >> > > I Attached the log of the conversation just for reference. >> > > >> > > >> > It's been difficult enough to maintain PF on FreeBSD because of the ti= me >> > needed to be invested in the FreeBSD port. >> > This situation remains to date, from what I understand. I guess someon= e >> can >> > look at how many bugs/feature requests still remain open for PF on >> FreeBSD. >> > >> > I therefore feel that whoever wants to run PF should use a dedicated >> > OpenBSD box as a firewall/whatever they use PF for. >> > There is really no point trying to make FreeBSD be OpenBSD when it >> comes to >> > such requirements. Look at the advantages of "separation of power" - >> give >> > to OpenBSD the fireallpower and FreeBSD the serverpower. >> > >> > In keeping with the K.I.S.S principle, please let anyone needing new P= F >> > syntax just use OpenBSD. >> > >> > My humble opinion. >> > -- >> > Best regards, >> > Odhiambo WASHINGTON, >> > Nairobi,KE >> > +254733744121/+254722743223 >> > _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ >> > I can't hear you -- I'm using the scrambler. >> > _______________________________________________ >> > freebsd-pf@freebsd.org mailing list >> > http://lists.freebsd.org/mailman/listinfo/freebsd-pf >> > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" >> > >> >> The truth is that you can add a shim layer between the old syntax to new >> syntax and maintain the new 'locking' present in 10.x branch. >> >> Maybe it would be worth to send a project proposal to the FreeBSD >> Foundation about this, >> but i do not know how keen they are to support through funding this. >> >> When the locking was changed there were a discussion about keeping both = of >> the versions but it was just thrown to the trash by the guy doing >> the new 'locking'. >> >> Probably it has to be asked to the foundation how keen they are to suppo= rt >> this development to have things upgraded. >> >> -- >> Ermal >> _______________________________________________ >> freebsd-pf@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-pf >> To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" >> > > > > -- > Sami Halabi > Information Systems Engineer > NMS Projects Expert > FreeBSD SysAdmin Expert > > --=20 Ermal
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPBZQG3SSZorVG5tZ-S6zxs8nW%2Bz7kQX3-J2mSKPOHtbq_kFdQ>