On Saturday 02 June 2007, Michal Mertl wrote: > Max Laier wrote: > > [ moving this to the more specific list ] > > > > On Friday 01 June 2007, LI Xin wrote: > > > Stanislaw Halik wrote: > > > > Heya, > > > > > > > > Are there any plans to sync pf(4) before 7.0-R? OpenBSD has some > > > > neat stuff in it, including expiretable functionality, which > > > > would come in handy. > > > > > > Last time I have talked with Max (Cc'ed) about the issue, we > > > finally figured out that porting the whole stuff would need some > > > infrastructural changes to our routing code, which could be risky > > > so we wanted to avoid it at this stage (about 15 days before > > > RELENG_7 code freeze). On the other hand, some functionality (like > > > the expiretable feature) does not seem to touch a large part of > > > kernel and might be appropriate > > > RELENG_7(_0) candidate. > > > > > > Could you please enumerate some features that FreeBSD is currently > > > lack of and are considered "high priority" so we will be able to > > > evaluate whether to port? > > > > > > BTW. Patches are always welcome, as usual :-) So don't hesitate > > > to submit if you already did some work. > > > > ditto. I'd like to import a couple of features on a per-feature base > > rather than doing a complete import which isn't possible anymore due > > to SMP and routing code changes. > > > > Submit your list of features and I'll see what I can do this weekend. > > My list includes: > > > > - keep state and flags S/SA to default > > - improved state table purgeing (this is internal, but a huge > > benefit) - interface handling (groups etc.) > > - pfsync / pflog update (not 100% sure about these due to libpcap / > > tcpdump dependency) > > > > While at it, I might also introduce needed ABI breakage for netgraph > > interaction. > > > > Anything else? > > The updated ftp-proxy - the one in the tree does not rewrite source IP > address of data connections and some firewalls (e.g. Windows Firewall) > don't let the connection through. It should be pretty easy to import - > the program it already in some form in the ports tree. How do people feel about removing ftp-proxy from the base altogether? I think it's better off in ports anyway. Opinions? -- /"\ Best regards, | mlaier_at_freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier_at_EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:11 UTC