pf 4.1 Update
=============

C O M M I T T E D  T O  H E A D !   WILL BE PART OF FreeBSD 7.0
C O M M I T T E D  T O  H E A D !   WILL BE PART OF FreeBSD 7.0
C O M M I T T E D  T O  H E A D !   WILL BE PART OF FreeBSD 7.0

RELENG_6
========

To use pf 4.1 in RELENG_6 you have to do the following:
 - get a recent CVS checkout of -rRELENG_6 or -rRELENG_6_3 (when it's there)
 $ cvs up -rHEAD contrib/pf sys/contrib/pf libexec/tftp-proxy \
     usr.sbin/ftp-proxy sbin/ifconfig/ifgroup.c
 $ fetch http://people.freebsd.org/~mlaier/PF41/pf.41.RELENG_6.diff
 $ patch -p6 < pf.41.RELENG_6.diff
 - build a new kernel *AND* world
 - install
 - test
 - REPORT success or failure to freebsd-pf@ / mlaier@

Note that an MFC is out of the question as there is massive ABI breakage
involved.

HISTORY
=======

Apply to a recent current by untaring pf.41.<date>.tgz into src and applying
pf.41.<date>.diff with patch -p 6 (or 5/7 ... whichever works).

Known problems (see other files for details):
 - 1 LOR (probably false alarm, fixed)
 - malloc warnings w/ EVENTHANDLERs (fixed by 20070613)
 - panic on pfsync slave (fixed by 20070621)
 - nat w/o log returns EINVAL (fixed by 20060621)

Status:
 - pfsync is not working right now (fixed be 20070616)
 - ALTQ is not working right now (fixed by 20070613)
 - tcpdump doesn't fully understand the new pflog format (fixed by 20070616)
 - largely untested (fixed by 20070613)

History:
 20070610 - initial revision
 20070613 - + ALTQ / - malloc warnings
 20070615 - fix build issue: pf_mtag.h is _KERNEL only
 20070615a - now with the real fix :-\
 20070616 - + pfsync, tcpdump, minors / - uninit warnings on pf.c
 20070616a - it's late - fix the build
 20070616b - strange panic with pflog / user/group logging disabled for now
 20070621 - fix issue w/ nat w/o log / fix pfsync panic on "slave"
 20070625 - overhaul of user/group rules / connect tftp-proxy to the build
 20070629 - fix internal locking hack / fix checksumming of fragments

Please send feedback to mlaier@ and freebsd-pf@ - Thanks