From owner-freebsd-questions@FreeBSD.ORG Fri May 29 23:55:31 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C4F46106566B for ; Fri, 29 May 2009 23:55:31 +0000 (UTC) (envelope-from scs@EECS.Berkeley.EDU) Received: from gateway0.EECS.Berkeley.EDU (gateway0.EECS.Berkeley.EDU [169.229.60.87]) by mx1.freebsd.org (Postfix) with ESMTP id 916A98FC19 for ; Fri, 29 May 2009 23:55:31 +0000 (UTC) (envelope-from scs@EECS.Berkeley.EDU) Received: from [192.168.1.13] (adsl-75-18-223-100.dsl.pltn13.sbcglobal.net [75.18.223.100]) (authenticated bits=0) by gateway0.EECS.Berkeley.EDU (8.14.3/8.13.5) with ESMTP id n4TNtTw6022492 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT) for ; Fri, 29 May 2009 16:55:31 -0700 (PDT) Message-Id: From: Steven Schlansker To: freebsd-questions@freebsd.org In-Reply-To: <200905292244.37398.mel.flynn+fbsd.questions@mailing.thruhere.net> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v935.3) Date: Fri, 29 May 2009 16:55:24 -0700 References: <89C182FE-81B9-474E-84EA-FBB6F68C4E75@eecs.berkeley.edu> <200905292001.02072.mel.flynn+fbsd.questions@mailing.thruhere.net> <200905292244.37398.mel.flynn+fbsd.questions@mailing.thruhere.net> X-Mailer: Apple Mail (2.935.3) Subject: Re: pfsync in GENERIC? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 May 2009 23:55:32 -0000 On May 29, 2009, at 1:44 PM, Mel Flynn wrote: > On Friday 29 May 2009 20:38:54 Steven Schlansker wrote: > >> And not to be argumentative, but sys/conf/NOTES does not really >> provide any information. The only comment explains what the device >> does, not why it wouldn't be enabled in GENERIC. Is there any reason >> it could not be? (For those of us who want to use freebsd-update, >> for >> example) > > Choice of the project. You'd have to ask on -current, -pf or - > hackers for a > more authoritative answer, but my guess would be that 80% of the > people using > this feature in production have a highly optimized kernel and > wouldn't be > using GENERIC to begin with. Hm. I was actually under the impression that you wouldn't gain much by compiling your own kernel (except for maybe some disk space). Is that not the case? Is there a strong reason to compile your own kernel for "production" machines? The discussion online is not conclusive (then again I'll probably just get contradictory opinions again here!) I'm just thinking that since pf is included in the base distribution, there's enough people that use it that it's worth including. It seems that pfsync would be a negligible addon, and much more attractive due to the lack of support for building it as a module. Anyway, if I have further questions about pfsync in particular I guess I'll go ask -pf. I may have some free time coming up; maybe I'll even try my hand at hacking on the kernel and see if I can't make it build as a module... (would that be a semi-reasonable project for someone with light familiarity with kernel coding? I've coded up Linux kernel modules before, but haven't worked in-tree on a "real" OS) Best, Steven