On Wednesday 21 January 2004 16:58, Art Mason wrote:
> Yes, indeed, many thanks for the quick response. I had read through
> the makefile, but wasn't sure if there were any additional settings
> that I should take into consideration. On that note, does anyone have
> any experience running PF under 5.2-RELEASE in a production
> environment, especially in conjunction w/ ALTQ? I'm just curious,
> because I've really taken a liking to PF under OpenBSD and really like
> the ALTQ integration, especially in regards to upstream traffic
> shaping. Does anyone have any experience with such implementations
> under 5.2-RELEASE.
>
If you will use pf on a dail-up line, which gets a dynamic IP via dhcp or
similar means, or if you are _very_ concerned about secuirty, you might
want to take a look at the "patches" directory
(cd /usr/ports/security/pf; make patch; cd work/pf_freebsd_2.02/patches/;
less README) to learn about additonal tweaks ("(if_name)" syntax, and bpf
security).
pf alone has proven stable on a large number of FreeBSD installations
(SMP, UP, 64bit ...) among them very busy sites. ALTQ lacks real-life
tests for some of the "supported" NICs (as none of the ALTQ patchset
developers has access to a big testlab). fxp, rl, tun and dc are well
tested (by either Adrian, Pyun or myself) ... if you have another card
reports are _very_ welcome! Just write a mail and we will spam you with
patchsets until it works ;)
--
Best regards, | [EMAIL PROTECTED]
Max Laier | ICQ #67774661
http://pf4freebsd.love2party.net/ | [EMAIL PROTECTED]
_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
