All, I will be importing a new version of pf in the next hour. This is long due and really well-tested. However, the first step will bring in OPENBSD_3_5_BASE (i.e. the release version, not the STABLE branch). We will catch up on -STABLE soon thereafter. Just FYI, better wait a bit before you re-build world to get the new stuff. The import will enable us to test ALTQ very easily and help in deploying driver changes. The OpenBSD release notes say: "+ A large number of bug fixes, changes, and optimizations to our packet filter pf(4) including: - Atomic commits of ruleset changes (reduce the chance of ending up in an inconsistent state). - A 30% reduction in the size of state table entries. - Source-tracking (limit number of clients and states per client). - Sticky-address (the flexibility of round-robin with the benefits of source-hash). - Invert the socket match order when redirecting to localhost (prevents the potential security problem of remote connections being identified as local). - Significant improvements to interface handling." -- Best regards, | mlaier_at_freebsd.org Max Laier | ICQ #67774661 http://pf4freebsd.love2party.net/ | mlaier_at_EFnet
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:57 UTC