You will need some planning. Pf syntax changed quite a bit a couple releases back.
I'd consider backing up the files converting pf.conf to the new syntax and doing a clean install of 5.2 (out soon). -Bryan On Oct 13, 2012, at 9:47 AM, Matt Morrow <cmorrow...@gmail.com> wrote: > After dealing with a number of issues due to an old 3.8 install which have > been resolved in current releases, I think I'm going to do the individual > release upgrades (3.8->3.9->4.0, etc etc) > > The 3.9 upgrade guide says: > > pfsync(4) <http://www.openbsd.org/cgi-bin/man.cgi?query=pfsync&sektion=4> has > changed format, so it can not keep state between a 3.8 and a 3.9 box. > Mismatched systems will lose all connections when you switch which box is > master, as states will not be transfered between systems. You can minimize > the impact of this by upgrading your backup boxes first, so there is only > one loss of active states. > > > Can anyone explain what that means in terms of my existing pf configuration > working as a simple router with a port forward? Does this simply mean that > during the upgrade, if I had multiple servers running, that boxes would > temporarily lose connectivity during the upgrade as they wouldnt switch > over to a backup server automatically?
