pf & ALTQ in m0n0wall?

From:	Jesse Guardiani <jesse at wingnet dot net>
To:	m0n0wall at lists dot m0n0 dot ch
Subject:	pf & ALTQ in m0n0wall?
Date:	Thu, 24 Feb 2005 00:19:26 -0500

Hello,

I know I'm getting ahead of myself a bit, but
are pf + ALTQ on the roadmap for m0n0wall instead
of ipfw + ipnat + ipfilter now that we have a
FreeBSD 5.3 based m0n0wall Beta?

I only ask because:

a.) People have mentioned at various times in the
    past that pf might be the solution to a
    number of the current quirks or problems
    in m0n0wall.

b.) I'm reading the pf man pages and it does indeed
    look like a much more unified, complete, and
    powerful system.

However, I realize that a ton of work would be
necessary to make the switch, learn to work around
any quirks in pf (assuming that there aren't any
show stoppers), then eventually get back to the
level of reliability we have with
ipfw + ipnat + ipfilter. Frankly, it seems that
either a separate project or at least a version
fork (kind of like the difference between FreeBSD
4.x and 5.x) would be necessary.

At first glance it looks like pfSense is doing
just that, but a deeper look reveals that the
pfSense project doesn't intend to support WRAP
or Soekris platforms in the near future, and
these platforms are my primary interest.

Curious to know Manuel's and other's thoughts
on the subject.

Thanks!

-- 
Jesse Guardiani, Systems Administrator
WingNET Internet Services,
P.O. Box 2605 // Cleveland, TN 37320-2605
423-559-LINK (v)  423-559-5145 (f)
http://www.wingnet.net