The desire to remove it stems from the inability to give it adequate engineering service as the network stack evolves. Simply taking it out of a kernel config file doesn't address that problem at all. If it's going to stay in FreeBSD at all, it needs to be maintained. This could be set about a fair amount of stuff in FreeBSD, but IPFilter stands out since there's a high rate of needed change happening in the network stack, and it shouldn't be left to rot nor to be a stumbling block for those changes. Scott On Apr 15, 2013, at 12:49 PM, "Sam Fourman Jr." <sfourman_at_gmail.com> wrote: > Thank you to those that have expressed interest in maintaining IP Filter.. > > My thoughts are, could we consider putting a option in the kernel config, > and leaving it off by default for GENERIC? > I think this is a acceptable compromise, considering some people wish for > it to be removed. > > Sam Fourman Jr. > > > On Mon, Apr 15, 2013 at 1:48 PM, Cy Schubert <Cy.Schubert_at_komquats.com>wrote: > >> In message <18DF99B0-6E66-4906-A233-7778451B8A92_at_felyko.com>, Rui Paulo >> writes: >>> 2013/04/15 9:55、Cy Schubert <Cy.Schubert_at_komquats.com> のメッセージ: >>> >>>> I've been planning on taking on IP Filter for quite some time. >>>> Unfortunately I've left my src commit bit lapse (my ports commit bit is >>>> alive and well though) thus I'm looking for a mentor. In addition I'm >>>> working on an ACER WMI/ACPI kld. One mentor would be preferred but two >>>> would be fine too. >>> >>> What are your plans regarding ipfilter? I remain unconvinced that it >> should b >>> e in the base system. Perhaps you can work on it as a port? >> >> The initial plan was to import IP Filter 5.1.2 into HEAD. darrenr_at_ hadn't >> done much with IPF while employed with Sun. Since then there has been some >> development that is long overdue for HEAD. >> >> I'm not sure if I'd MFC it into 9 or not. >> >> I did consider a port but given it would has to touch bits and pieces of >> the source tree (/usr/src), a port would be messy and the decision was made >> to work on importing it into base. >> >>> >>> Why do you want to work on something that people have been trying to >> remove s >>> ince 2005? >> >> I and others have been using it in FreeBSD for over decade. For the longest >> of time we'd use a common set of rules across a FreeBSD and Solaris farm >> (using ipfmeta, makefiles, rsync, rdist, and a local CVS repo). >> Interoperability with other systems which use IP Filter is a plus. If >> there's a maintainer, it only makes FreeBSD richer. Losing IP Filter would >> be a loss. >> >> >> -- >> Cheers, >> Cy Schubert <Cy.Schubert_at_komquats.com> >> FreeBSD UNIX: <cy_at_FreeBSD.org> Web: http://www.FreeBSD.org >> >> >> _______________________________________________ >> freebsd-current_at_freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-current >> To unsubscribe, send any mail to "freebsd-current-unsubscribe_at_freebsd.org" >> > > > > -- > > Sam Fourman Jr. > _______________________________________________ > freebsd-net_at_freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe_at_freebsd.org"Received on Mon Apr 15 2013 - 16:54:21 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:36 UTC