From owner-freebsd-current@FreeBSD.ORG Wed Jun 16 22:38:00 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1F4C816A4CE for ; Wed, 16 Jun 2004 22:38:00 +0000 (GMT) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.177]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8B93D43D48 for ; Wed, 16 Jun 2004 22:37:59 +0000 (GMT) (envelope-from max@love2party.net) Received: from [212.227.126.208] (helo=mrelayng.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 1Baj2c-0002Q1-00; Thu, 17 Jun 2004 00:37:58 +0200 Received: from [217.227.155.166] (helo=donor.laier.local) by mrelayng.kundenserver.de with asmtp (TLSv1:RC4-MD5:128) (Exim 3.35 #1) id 1Baj2c-0000oJ-00; Thu, 17 Jun 2004 00:37:58 +0200 From: Max Laier To: current@freebsd.org Date: Thu, 17 Jun 2004 00:38:50 +0200 User-Agent: KMail/1.6.2 MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Boundary-02=_DwM0ANfbqanFgY8"; charset="us-ascii" Content-Transfer-Encoding: 7bit Message-Id: <200406170038.59657.max@love2party.net> X-Provags-ID: kundenserver.de abuse@kundenserver.de auth:e28873fbe4dbe612ce62ab869898ff08 cc: pf4freebsd@freelists.org Subject: HEADSUP: Import of pf from OpenBSD 3.5 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jun 2004 22:38:00 -0000 --Boundary-02=_DwM0ANfbqanFgY8 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline All, I will be importing a new version of pf in the next hour. This is long due = and=20 really well-tested. However, the first step will bring in OPENBSD_3_5_BASE= =20 (i.e. the release version, not the STABLE branch). We will catch up on=20 =2DSTABLE soon thereafter. Just FYI, better wait a bit before you re-build= =20 world to get the new stuff. The import will enable us to test ALTQ very easily and help in deploying=20 driver changes. The OpenBSD release notes say: "+ A large number of bug fixes, changes, and optimizations to our packet=20 filter pf(4) including:=20 - Atomic commits of ruleset changes (reduce the chance of ending up in a= n=20 inconsistent state).=20 - A 30% reduction in the size of state table entries.=20 - Source-tracking (limit number of clients and states per client).=20 - Sticky-address (the flexibility of round-robin with the benefits of=20 source-hash).=20 - Invert the socket match order when redirecting to localhost (prevents = the=20 potential security problem of remote connections being identified as=20 local).=20 - Significant improvements to interface handling." =2D-=20 Best regards, | mlaier@freebsd.org Max Laier | ICQ #67774661 http://pf4freebsd.love2party.net/ | mlaier@EFnet --Boundary-02=_DwM0ANfbqanFgY8 Content-Type: application/pgp-signature Content-Description: signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQBA0MwDXyyEoT62BG0RAssYAJsH4IqYeaD8W284aWvUAsSSpSrCeACfbevv JkCbFHon8vBOKElruVaP9SQ= =Fooa -----END PGP SIGNATURE----- --Boundary-02=_DwM0ANfbqanFgY8--