New PF on FreeBSD snapshot available

---

Pyun YongHyeon and Max Laier announce a new release of PF for FreeBSD, which is available for download. Since the first release of PF at the end of March 2003, PF has undergone several major updates such as -current and ALTQ support. They have also removed bugs in IPv6, module handling and table support code and believe the current version 0.61 is very close to production use.

[Read announcement]
------------------------------------------------------------

Date: Wed, 23 Apr 2003 11:16:19 +0200
From: Christian Brueffer <chris@unixpages.org>
To: current@freebsd.org
Subject: New PF on FreeBSD snapshot available

--vkogqOf2sHV7VnPd
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hi,

I'm sending this on behalf of Pyun YongHyeon <yonagri@kt-is.co.kr>
(he can't send messages to the lists himself for some reason).


---------------

PF on FreeBSD 5.X

URL: http://pf4freebsd.love2party.net/index.html

Contact: Pyun YongHyeon <yonagri@kt-is.co.kr>
Contact: Max Laier <max@love2party.net>

We are very pleased to announce that a new release is available for
download at
http://pf4freebsd.love2party.net/pf_freebsd_0.61.tar.gz.

Since the first release of PF at the end of March 2003, PF has undergone
several major updates such as -current and ALTQ support. We also have
removed bugs in IPv6, module handling and table support code.
We believe the current version 0.61 is very close to production use.

PF on FreeBSD provides nearly the same features as OpenBSD PF does,
except some minor differences. (Probably we can mimic this missing
behaviour if kernel sources could be modified.)
Now, users on FreeBSD can choose the most appropriate filtering software
with regard to his/her taste or policy among PF, ipfw and ipfilter.
For those who are not familiar with PF, PF supports the following
features over ipfw.

. built-in variable expansion
. built-in NAT and preventing NAT detection
. table (a kind of very large blocks of address) support
. packet normalization
. state modulation
. powerful state tracking
. automatic rule optimization
. queueing with ALTQ
. load balancing with multiple routes

PF on FreeBSD supports FreeBSD 5 and -current systems. Because ALTQ on
FreeBSD is still experimental at this time, PF's ALTQ support is somewhat
limited to a small set of network drivers. With ALTQ enabled PF, you can
get amazing performance with "prioritizing empty acks" on ADSL connections.
Due to ALTQ network driver lacking support network interfaces such as ppp
or netgraph nodes at this time, this can only be achieved on a system which
uses a transparent xDSL connection. (A system that uses transparent xDSL
is not aware of the existence of xDSL. So this system does not use ppp
or mpd at all. This system uses a static IP address and configures its
network as if the connection comes from normal T1/E1 lines. I don't know
any other countries which support this kind of service except Korea.)

If FreeBSD merges code from ALTQ, PF would be the most preferrable packet
filter. PF on FreeBSD can be configured not to use ALTQ too.

--------------

- Christian

--=20
Christian Brueffer chris@unixpages.org brueffer@FreeBSD.org
GPG Key: http://people.freebsd.org/~brueffer/brueffer.key.asc
GPG Fingerprint: A5C8 2099 19FF AACA F41B B29B 6C76 178C A0ED 982D

--vkogqOf2sHV7VnPd
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (FreeBSD)

iD8DBQE+plnjbHYXjKDtmC0RAv59AKCL6pG2/wMjFrDmC7nfbmJPvi/WwgCg1PyP
XHAEyrmP9g2ZfyhdFC9rDZQ=
=wKaV
-----END PGP SIGNATURE-----

--vkogqOf2sHV7VnPd--