Which pf version comes with FreeBSD 8.0?

H

honk

The Handbook states:

"...please keep in mind that different versions of FreeBSD contain different versions of PF:

FreeBSD 5.X -- PF is at OpenBSD 3.5
FreeBSD 6.X -- PF is at OpenBSD 3.7
FreeBSD 7.X -- PF is at OpenBSD 4.1
..."

As I was everything else than happy with the firewall performance (about 1,6GBit/sec throughput with 1500 bytes packets on an 8-core machine) when I tried pf on FreeBSD 7.2, I'm highly interested whats new in FreeBSD 8.0.

I found this in the announcement for OpenBSD 4.2 announcement: "... Various improvements in pf increase performance drastically, stateful passing more than twice as fast than before..."

How can I determine the pf-version which comes with FreeBSD 8.0?

regards,
honk
 
Take a look at the commit log and see which version was last ported into FreeBSD. It seems that PF will be at 4.1 for 8.0. We might have to wait until 9.0 for a new version to be ported.
 
it's a little more complex ...

I am no insider to the coding effort on porting pf from OpenBSD, but looking at the commit logs it says that the last actual import of pf was the OpenBSD 4.1 version over summer 2007.

But, from a performant (not feature) perspective the story is more complex, since a lot of work has been done on what is now almost a FreeBSD pf 'branch' in terms of performant issues, in terms of virtualization for jails, etc.

I have not done actual comparison tests (eg OpenBSD 4.6 vs FreeBSD 8.0 on the same hw) which would be the only way to know which 'branch' is 'better'. In practice 'betterness' would course would hugely depend on your use case - are you an isp owner with 200K jailed accounts, or a university perimeter sysadmin, or grandma unix tending the homestead firewall?
 
You must log in or register to reply here.
Back
Top