-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 2013-04-15 15:27:55 -0400, Cy Schubert wrote:
> In message <A2450361-D9E9-498F-AD44-846563EF04CB_at_yahoo.com>, Scott
> Long writes:
>>
>> On Apr 15, 2013, at 11:48 AM, Cy Schubert
>> <Cy.Schubert_at_komquats.com> wrote:
>>
>>> In message <18DF99B0-6E66-4906-A233-7778451B8A92_at_felyko.com>,
>>> Rui Paulo writes:
>>>> 2013/04/15 9:55�$B!"�(BCy Schubert <Cy.Schubert_at_komquats.com>
>>>> �$B$N%a%C%;!<%8�
>> (B:
>>>>
>>>>> I've been planning on taking on IP Filter for quite some
>>>>> time. Unfortunately I've left my src commit bit lapse (my
>>>>> ports commit bit is alive and well though) thus I'm looking
>>>>> for a mentor. In addition I'm working on an ACER WMI/ACPI
>>>>> kld. One mentor would be preferred but two would be fine
>>>>> too.
>>>>
>>>> What are your plans regarding ipfilter? I remain unconvinced
>>>> that it shoul
>> d b
>>>> e in the base system. Perhaps you can work on it as a port?
>>>
>>> The initial plan was to import IP Filter 5.1.2 into HEAD.
>>> darrenr_at_ hadn't done much with IPF while employed with Sun.
>>> Since then there has been some development that is long overdue
>>> for HEAD.
>>>
>>> I'm not sure if I'd MFC it into 9 or not.
>>>
>>> I did consider a port but given it would has to touch bits and
>>> pieces of the source tree (/usr/src), a port would be messy and
>>> the decision was made
>>
>>> to work on importing it into base.
>>>
>>>>
>>>> Why do you want to work on something that people have been
>>>> trying to remov
>> e s
>>>> ince 2005?
>>>
>>> I and others have been using it in FreeBSD for over decade. For
>>> the longest
>>
>>> of time we'd use a common set of rules across a FreeBSD and
>>> Solaris farm (using ipfmeta, makefiles, rsync, rdist, and a
>>> local CVS repo). Interoperability with other systems which use
>>> IP Filter is a plus. If there's a maintainer, it only makes
>>> FreeBSD richer. Losing IP Filter would be a loss.
>>>
>>
>>
>> If you're committed to maintaining IPFilter, that's great.
>> However, it can't be left to stagger along in a zombie state
>> with nothing more than good intentio ns from well meaning people.
>> What is your timeline for getting it back into sha pe and
>> re-integrating yourself into the committer community?
>
> I would think this would be my top priority right now. I'd like to
> see it at the latest level in HEAD. I would like to MFC to 9-STABLE
> at some point.
>
> Given that IPF already lives in src/contrib and src/sys/contrib,
> would the change in License from Darren Reed's own not so BSD
> friendly IPF license to GPLv2 be of concern. I recall there was a
> lot of concern over IPF's license change at the time. (FreeBSD
> moved it to contrib while OpenBSD removed it completely and wrote
> PF -- I'm not sure what NetBSD did).
FYI, NetBSD has PF from OpenBSD:
http://www.netbsd.org/docs/network/pf.html
Also, they upgraded it to the latest GPL'ed sources recently (and
moved to a different directory):
http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/external/bsd/ipf/netinet/?only_with_tag=MAIN
Now they have their own packet filter, called NPF:
http://mail-index.netbsd.org/netbsd-announce/2012/10/17/msg000161.html
They have more choices now. :-)
Jung-uk Kim
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (FreeBSD)
iQEcBAEBAgAGBQJRbFjtAAoJECXpabHZMqHOSFkIAK72iLtzb1py01/A+SbX8ejn
hi5eh8ri6QQ2Kh4K96b/R5oHk5PoGNpc7xX7Kbp1wyJ2OrdNvAPnElwMDpPCjnRC
rKPXiS25Km9D1e18E2pLB4iTweb/AOf87bGRz6skm3Rq0D4XOX9dwRndj1vqRxmH
V/Rrdlzprx4EvDmgmfAfSZwGTGit6fVXqHHj5LtONURNKe4qAliVIdxB1vQFQBqB
BnHF1gN7tIJVCrn+4yKSVsv6vqRSXp5LOIRBw2ooURKEkkKqVIapboEU+pGitN4g
dbVZkoBol7V+LfqBBpsG7JH+OboUvdvWJ7hqeNtAV4YerBBBbePvx9D5iehmRUk=
=/mAG
-----END PGP SIGNATURE-----
Received on Mon Apr 15 2013 - 17:48:38 UTC