On Mon, Apr 01, 2019 at 05:31:54AM -0600, Theo de Raadt wrote: > Todd C. Miller <mill...@openbsd.org> wrote: > > > On Mon, 01 Apr 2019 07:01:03 +0200, Claudio Jeker wrote: > > > > > There have been internal discussions about OpenBSD also removing the pf > > > packet filter after the upcoming 6.5 release. Instead a switch to > > > using David Gwynne's new bpf filter will happen. > > > The benefits outweigh the drawbacks and the missing features will be > > > readily implemented in time for the 6.6 release. > > > > Will the bpf JIT changes be done in time for 6.6? I have no doubt > > that "pfctl -p /dev/bfp" can be made to work in time but for a truly > > performant firewall we will need bpf JIT. > > Don't think so -- JIT-less is the new hot.
I'd rather see this new bpf pick up serverless functionality. -- Shawn Webb Cofounder / Security Engineer HardenedBSD Tor-ified Signal: +1 443-546-8752 Tor+XMPP+OTR: latt...@is.a.hacker.sx GPG Key ID: 0x6A84658F52456EEE GPG Key Fingerprint: D206 BB45 15E0 9C49 0CF9 3633 C85B 0AF8 AB23 0FB2
signature.asc
Description: PGP signature
