>From my point of view the state of pf in FreeBSD is (was) a dead end. We don't
modify it, since it isn't ours, but we hope that new bulk import would fix problems.
It is threads like those that make me wish I was a sysadmin/programmer. I would like to be able to jump in an help solve some problems, but I have no delusions when it comes to programming; maybe someday.cpu82 said:This thread really explains in detail what is happening with PF and why the OpenBSD version is no longer being ported to FreeBSD.
Erratus said:In terms of investing time: Should I reconsider PF or go with other packet filter?
johnblue said:It is threads like those that make me wish I was a sysadmin/programmer. I would like to be able to jump in an help solve some problems, but I have no delusions when it comes to programming; maybe someday.
:e
cpu82 said:Just check% grep -iE '\bpf\b' /usr/src/UPDATING
PF code version list:
- In RELENG_5 - pf is at OpenBSD 3.5
- In RELENG_6 - pf is at OpenBSD 3.7
- In RELENG_7 - pf is at OpenBSD 4.1
- In RELENG_8 - pf is at OpenBSD 4.5
portsnap
grep
wblock@ said:pf(4) is part of the base system, not ports.
If you have any question about Firewalls between PF, ipfw or other on BSD, You can read benchmarks of http://bsdrp.net/documentation/technical_docs/performance?s[]=pf&s[]=ipfwI'm aware the quote is opinion. And I know, the "other" packet filter is IPFW.
Please correct me if I got it wrong. PF ist stuck on FreeBSD because improvements of performance over OpenBSD's PF - on a version that is behind OpenBSB.
For me it sums up as a risk that I might end up changing the firewalls or even the OS in future.
I'd like to ask the FreeBSD porters/developers if they kindly join the OpenBSD PF-team for resolving the issue?