Re: [pfSense] Traffic Limiter name change
On Fri, Jun 24, 2016 at 1:01 PM, Karl Fife wrote: > We've entered the wonderful world of the traffic limiters. Specifically, we > put FACEBOOK subnets through a comparatively skinny pipe. This is done to > make it JUST a bit too painful to look at kitten photos, but perfectly > suitable to look at CompetitorCo's facebook page for legitimate business > purposes. We're still collecting empirical data on how much it disuades > personal use, but it doesn't seem to create tension the way that explicit > blocking would. > > The issue: > > in <=2.2 if an in-use limiter is renamed, the system will yell at you. IMO, > that's good. > That's not true actually. No input_errors there when renaming a limiter. You can't delete one that's in use. 2.3 is the same in that regard. There is a bug ticket open on updating firewall rules when a limiter is renamed (or preventing renaming) to avoid removal of limiters from rules when renamed. That's no diff than it's ever been though. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Traffic Limiter name change
What a brilliantly dick move, LOL. On 6/24/2016 1:01 PM, Karl Fife wrote: We've entered the wonderful world of the traffic limiters. Specifically, we put FACEBOOK subnets through a comparatively skinny pipe. This is done to make it JUST a bit too painful to look at kitten photos, but perfectly suitable to look at CompetitorCo's facebook page for legitimate business purposes. We're still collecting empirical data on how much it disuades personal use, but it doesn't seem to create tension the way that explicit blocking would. The issue: in <=2.2 if an in-use limiter is renamed, the system will yell at you. IMO, that's good. in 2.3, if an in-use limiter is renamed, the system will not yell at you. IMO that's bad. Should this fact be considered a regression, or is there a reason for removing this notice/check? IMO, it would be preferable to abstract the limiter names the way aliases have been abstracted (so they can be changed without the risk of breaking things) but I understand that limiters may not be used as frequently as aliases. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold -- Signed, Benjamin E. Nichols http://www.squidblacklist.org 1-405-397-1360 ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] Traffic Limiter name change
We've entered the wonderful world of the traffic limiters. Specifically, we put FACEBOOK subnets through a comparatively skinny pipe. This is done to make it JUST a bit too painful to look at kitten photos, but perfectly suitable to look at CompetitorCo's facebook page for legitimate business purposes. We're still collecting empirical data on how much it disuades personal use, but it doesn't seem to create tension the way that explicit blocking would. The issue: in <=2.2 if an in-use limiter is renamed, the system will yell at you. IMO, that's good. in 2.3, if an in-use limiter is renamed, the system will not yell at you. IMO that's bad. Should this fact be considered a regression, or is there a reason for removing this notice/check? IMO, it would be preferable to abstract the limiter names the way aliases have been abstracted (so they can be changed without the risk of breaking things) but I understand that limiters may not be used as frequently as aliases. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold