We knew it was coming. OpenBSD 4.6 is now available with lots of new features. Except for the several improved hardware support and other improvements, this release includes a few worth-mentioning improvements concerning the pf (Packet Filter), a default system’s software aka one of the most advanced firewall software.

• Enabled pf by default in the rc.conf.
• Removed pf scrub rules, and only do one kind of packet reassembly. Rulesets with scrub rules need to be modified because of this.
• Regular rules can now have per-rule scrub options.
• Added new “match” keyword which only applies rule options but does not change the current pass/block state.
• Make all pf operations transactional to improve atomicity of reloads.
• Stricter pf checking for ICMP and ICMPv6 packets.
• Various improvements to pfsync to lower sync traffic bandwidth and optionally allow active-active firewall setups.
• Fix pf scrub max-mss for IPv6 traffic.

You can find more details about all the new features shipping with this release here.

Last but not least, as Jeremy S. Anderson said:

There are two major products that come out of Berkeley: LSD and UNIX. We don’t believe this to be a coincidence.