Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

pfsense uses FreeBSD's fork of pf, which is years out of date

It is true that FreeBSD's pf lacks some of the recent improvements which have been made in OpenBSD's pf.

It is also true that OpenBSD's pf lacks some of the recent improvements which have been made in FreeBSD's pf.



What are some of FreeBSD's improvements, apart from multithreading?


VIMAGE / VNET, which allow you to have an instance of pf for each jail. Very useful


The MT work is important, don't be so ready to dismiss it. There has also been work on speeding up pf outside of the MT work.


I'm just not sure how significant the MT work is. OpenBSD's pf has also had performance improvements since 4.5; it would be good to see a benchmark.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: