Improvements in bridge and pf code ALTQ now works on bridged interfaces State modulation in pf Randomizes TCP sequence numbers for bad stacks Great for embedded TCP devices (printers) Proxies can now add pf states dynamically More routing options in pf Performance improvements in pf NAT scales well in large environments