asg
push it, don´t hype
Pyun YongHyeon und Max Laier haben eine neues Release von PF für FreeBSD herausgebracht, welches unter http://pf4freebsd.love2party.net/pf_freebsd_0.61.tar.gz zum download bereitsteht.
Seit dem ersten Release Ende März, wurde PF einigen Verbesserungen unterzogen, so ist der support für -CURRENT und ALTQ zu nennen. Auch wurden einige Fehler in IPv6 beseitigt, so dass die neue Version 0.61 schon fast für eine Produktionsumgebung zu verwenden ist.
Wer mehr darüber erfahren möchte, kann auf der PF homepage von Pyun YoungHyeon, http://pf4freebsd.love2party.net/index.html, mehr darüber erfahren.
Hier noch das vollständige Announcement, welches 23. April 2003 an current@freebsd.org ging:
PF on FreeBSD 5.X
URL: http://pf4freebsd.love2party.net/index.html
Contact: Pyun YongHyeon <yonagri@kt-is.co.kr>
Contact: Max Laier <max@love2party.net>
We are very pleased to announce that a new release is available for
download at
http://pf4freebsd.love2party.net/pf...sd_0.61.tar.gz.
Since the first release of PF at the end of March 2003, PF has undergone
several major updates such as -current and ALTQ support. We also have
removed bugs in IPv6, module handling and table support code.
We believe the current version 0.61 is very close to production use.
PF on FreeBSD provides nearly the same features as OpenBSD PF does,
except some minor differences. (Probably we can mimic this missing
behaviour if kernel sources could be modified.)
Now, users on FreeBSD can choose the most appropriate filtering software
with regard to his/her taste or policy among PF, ipfw and ipfilter.
For those who are not familiar with PF, PF supports the following
features over ipfw.
. built-in variable expansion
. built-in NAT and preventing NAT detection
. table (a kind of very large blocks of address) support
. packet normalization
. state modulation
. powerful state tracking
. automatic rule optimization
. queueing with ALTQ
. load balancing with multiple routes
PF on FreeBSD supports FreeBSD 5 and -current systems. Because ALTQ on
FreeBSD is still experimental at this time, PF's ALTQ support is somewhat
limited to a small set of network drivers. With ALTQ enabled PF, you can
get amazing performance with "prioritizing empty acks" on ADSL connections.
Due to ALTQ network driver lacking support network interfaces such as ppp
or netgraph nodes at this time, this can only be achieved on a system which
uses a transparent xDSL connection. (A system that uses transparent xDSL
is not aware of the existence of xDSL. So this system does not use ppp
or mpd at all. This system uses a static IP address and configures its
network as if the connection comes from normal T1/E1 lines. I don't know
any other countries which support this kind of service except Korea.)
If FreeBSD merges code from ALTQ, PF would be the most preferrable packet
filter. PF on FreeBSD can be configured not to use ALTQ too.
Seit dem ersten Release Ende März, wurde PF einigen Verbesserungen unterzogen, so ist der support für -CURRENT und ALTQ zu nennen. Auch wurden einige Fehler in IPv6 beseitigt, so dass die neue Version 0.61 schon fast für eine Produktionsumgebung zu verwenden ist.
Wer mehr darüber erfahren möchte, kann auf der PF homepage von Pyun YoungHyeon, http://pf4freebsd.love2party.net/index.html, mehr darüber erfahren.
Hier noch das vollständige Announcement, welches 23. April 2003 an current@freebsd.org ging:
PF on FreeBSD 5.X
URL: http://pf4freebsd.love2party.net/index.html
Contact: Pyun YongHyeon <yonagri@kt-is.co.kr>
Contact: Max Laier <max@love2party.net>
We are very pleased to announce that a new release is available for
download at
http://pf4freebsd.love2party.net/pf...sd_0.61.tar.gz.
Since the first release of PF at the end of March 2003, PF has undergone
several major updates such as -current and ALTQ support. We also have
removed bugs in IPv6, module handling and table support code.
We believe the current version 0.61 is very close to production use.
PF on FreeBSD provides nearly the same features as OpenBSD PF does,
except some minor differences. (Probably we can mimic this missing
behaviour if kernel sources could be modified.)
Now, users on FreeBSD can choose the most appropriate filtering software
with regard to his/her taste or policy among PF, ipfw and ipfilter.
For those who are not familiar with PF, PF supports the following
features over ipfw.
. built-in variable expansion
. built-in NAT and preventing NAT detection
. table (a kind of very large blocks of address) support
. packet normalization
. state modulation
. powerful state tracking
. automatic rule optimization
. queueing with ALTQ
. load balancing with multiple routes
PF on FreeBSD supports FreeBSD 5 and -current systems. Because ALTQ on
FreeBSD is still experimental at this time, PF's ALTQ support is somewhat
limited to a small set of network drivers. With ALTQ enabled PF, you can
get amazing performance with "prioritizing empty acks" on ADSL connections.
Due to ALTQ network driver lacking support network interfaces such as ppp
or netgraph nodes at this time, this can only be achieved on a system which
uses a transparent xDSL connection. (A system that uses transparent xDSL
is not aware of the existence of xDSL. So this system does not use ppp
or mpd at all. This system uses a static IP address and configures its
network as if the connection comes from normal T1/E1 lines. I don't know
any other countries which support this kind of service except Korea.)
If FreeBSD merges code from ALTQ, PF would be the most preferrable packet
filter. PF on FreeBSD can be configured not to use ALTQ too.
Zuletzt bearbeitet: