Building the Network You Need with OpenBSD's PF: EuroBSDCon, St. Julian's, September 26th 2013 | ||
---|---|---|
Prev | Next |
OpenBSD 4.8 and 4.9 had few user visible changes to PF (but the logging system was cleaned up), bug fixes, IPv6 related fixes, including fragment handling
The Next Big Thing: New traffic shaping subsystem (aka the beginning of the end for ALTQ), at first prio keyword for per rule priority (5.0)
The proxies (ftp-proxy, tftp-proxy) changed to divert(4), use divert-to in rules (5.0)
In OpenBSD 5.1 we saw NAT64 implemented with af-to, plus misc IPv6 sanity injections
OpenBSD 5.2: Set-able prio and tos, improved TOS handling, least-states translation option for load balancing added, limit on number of pflog(8) interfaces removed (was 16), pfsync(8) improvements
OpenBSD 5.3: (Incremental) syntax change: queue assignment (still ALTQ) becomes a set operation, misc bug fixes and speed improvements