From: Daniel Engberg
To: freebsd-pf@freebsd.org
Subject: Alternative to pf?
Date: Thu, 18 Dec 2014 00:43:59 +0100
Message-ID: <7be936232e96ae10d9734598014fd9d5@pyret.net>

Hi,

During the year there have been several discussions regarding the state of pf in FreeBSD. In most cases it seems to boil down to that it's too hard/time-consuming to bring upstream patches from OpenBSD to FreeBSD. As has been mentioned, Apple seems to update pf somewhat (copyright is changed to 2013 at least) and file size differs between OS X releases, but I wasn't able to find any commit logs.

That said, NetBSD has something similar to pf in syntax called npf, which seems actively maintained, and the author seems open to the idea of porting it to FreeBSD.

http://www.netbsd.org/~rmind/pub/npf_asiabsdcon_2014.pdf - Page 24

However, I'm not certain that it surpasses our current pf in terms of functionality in all cases (apart from the firewalling, ALTQ comes to mind, etc.). Perhaps this might be worth looking into and in the end drop pf due to the reasons above? That said, don't forget all the work that has gone into getting pf where it is today.

While I'm at it, does anyone other than me use ALTQ? While it's not multithreaded, I find it a very good "tool" and it does shaping really well.

Best regards,
Daniel