With Docker it is possible to extend the FW much more without having to build all the Addons you like to play around (e.g. nginx, pmacct, transmission, tvheadend, etc..) It makes thinks much easier.

For that a fast filesystem is usefull which is provided in newer kernels (overlayfs). The currently used Kernel is close to its EOL.

nDPI is an interessting approche to filter and finally to classify the kind of traffic. E.g. I had never success bit l7 rules for TeamSpeak.

Michael, what are you concerns about these new topics? Do you want to focus in Version 3 mainly and don't want to advance Version 2?

Ben