Improved hardware support, including:

• MSI interrupts for many devices, on those architectures which can support them (amd64, i386, sparc64 only so far).
• A new dma_alloc(9) API makes it easier for kernel code to allocate dma-safe memory. Many drivers (especially network drivers) and subsystems (in particular scsi and the buffer cache) were adapted to use this.
• As a result, big-memory support has been enabled on all possible architectures.

Generic network stack improvements:

• Added support for sending Wake on Lan packets using arp(8).
• Permit turning Wake on Lan support on/off using ifconfig(8).
• Added Wake on Lan support to xl(4), re(4), and vr(4).
• The IPv4 stack will no longer accept ICMP redirects when acting as a router.
• Make gre(4) work between systems in the same LAN.
• Kernel randomization speed and quality improved substantially.

pf(4) improvements:

• Make pf(4) reassemble IPv6 fragments. In the forward case, pf refragments the packets with the same maximum size.
• Allow pf(4) to filter on the rdomain a packet belongs to.
• Make pf(4) allow userland proxies to establish cross rdomain proxy sessions.
• Added IPv6 ACK prioritization in pf(4).
• Change 'set skip on <... data-preserve-html-node="true">' to work with interface groups.
• pfsync(4) supports IPv6 as network protocol.
• Switched ftp-proxy(8) over to divert-to instead of rdr-to.
• tftp-proxy(8) uses 'divert-to' as well.

SCSI improvements:

• most SCSI hardware drivers now use the new iopools infrastructure.
• scsi(4) devices are now all provided with a unique devid, which is displayed during the probe process.
• ASC/ASCQ error codes and verbiage now in sync with http://www.t10.org/lists/asc-num.txt.
• progress on iSCSI includes better login, better logout, preliminary FSM support in iscsid(8), and improved logging and debug information.
• uk(4) can now safely and reliably detach an unknown SCSI device.
• mpath(4) device and kernel support is improved.
• vscsi(4) now ensures output always goes to the correct connection.
• vscsi(4) connections can now be reset gracefully.
• scsi(4) devices on fibre channel fabrics no longer inherit the adapter's address.

Assorted improvements:

• For additional security, security(8) was rewritten in Perl.
• Mandoc 1.11.4: Now accepts eqn(7) input (no fancy formatting yet) and supports -Tutf8 output (but no utf8 input yet).
• Removed a variety of OS-compat emulation code, leaving just the Linux support.
• Small improvements to Linux compat (only available on i386).
• On MBR-based disks, scan through up to 256 extended partition tables when looking for an OpenBSD partition table.
• Improved correctness of signals and various syscalls when rthreads are in use.
• Fixed some shutdown/reboot hangs on NFS clients.

Install/Upgrade process changes:

• Completed support for DUID disk installs, and enabled it fully.
• Tried to make sysmerge(8) work in the installer, but ran into small problems and decided to disable it.
• Install non-free firmwares from the internet upon first boot, based on a question in the installer.
• svnd(4)-like behaviour became the default for vnd(4) devices. This is what is used to build the media.

rc.d(8) framework improvements:

• rc.d(8) is now also used for the base system daemons.
• Backward compatible with the historic way of starting daemons.
• Notify the user by appending (ok) or (failed) in interactive mode.
• Better diagnostics with the introduction of RC_DEBUG.

OpenSSH 5.9