On Jul 19, 2014, at 3:35, Andreas Nilsson <andrnils_at_gmail.com> wrote: > On Sat, Jul 19, 2014 at 4:40 AM, Darren Pilgrim < > list_freebsd_at_bluerosetech.com> wrote: > >> On 7/18/2014 4:06 AM, Gleb Smirnoff wrote: >> >>> K> b) We are a major release away from OpenBSD (5.6 coming soon) - is >>> K> following OpenBSD's pf the past? - should it be? >>> >>> Following OpenBSD on features would be cool, but no bulk imports >>> would be made again. Bulk imports produce bad quality of port, >>> and also pf in OpenBSD has no multi thread support. >>> >> >> I would much rather have a slower pf that actually supports modern >> networking than a faster one I can't use due to showstopper flaws and >> missing features. >> > > So would I. Not that we use pf, but anyway. > >> >> There is currently no viable firewall module for FreeBSD if you want to do >> things like route IPv6. > > > Isn't that possible with ipfw? > > Perhaps the pf guys in OpenBSD could be convinced to start openpf and have > porting layer as in openzfs. > I do not know ipfw IPv6 limitations, but the Wikipedia article says: * IPv6 support (with several limitations) Choice is nice, but I would like to see the project promote one firewall to users. My coworkers long ago jumped ship from ipfw to pf and I know regret that decision due to the IPv6 bugs. At this point it's too hard to migrate all the servers off of pf.Received on Sat Jul 19 2014 - 11:50:21 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:50 UTC