In message <516C58ED.40505_at_FreeBSD.org>, Jung-uk Kim writes:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 2013-04-15 15:27:55 -0400, Cy Schubert wrote:
> > In message <A2450361-D9E9-498F-AD44-846563EF04CB_at_yahoo.com>, Scott
> > Long writes:
> >>
> >> On Apr 15, 2013, at 11:48 AM, Cy Schubert
> >> <Cy.Schubert_at_komquats.com> wrote:
> >>
> >>> In message <18DF99B0-6E66-4906-A233-7778451B8A92_at_felyko.com>,
> >>> Rui Paulo writes:
> >>>> 2013/04/15 9:55�$B!"�(BCy Schubert <Cy.Schubert_at_komquats.com>
> >>>> �$B$N%a%C%;!<%8�
> >> (B:
> >>>>
> >>>>> I've been planning on taking on IP Filter for quite some
> >>>>> time. Unfortunately I've left my src commit bit lapse (my
> >>>>> ports commit bit is alive and well though) thus I'm looking
> >>>>> for a mentor. In addition I'm working on an ACER WMI/ACPI
> >>>>> kld. One mentor would be preferred but two would be fine
> >>>>> too.
> >>>>
> >>>> What are your plans regarding ipfilter? I remain unconvinced
> >>>> that it shoul
> >> d b
> >>>> e in the base system. Perhaps you can work on it as a port?
> >>>
> >>> The initial plan was to import IP Filter 5.1.2 into HEAD.
> >>> darrenr_at_ hadn't done much with IPF while employed with Sun.
> >>> Since then there has been some development that is long overdue
> >>> for HEAD.
> >>>
> >>> I'm not sure if I'd MFC it into 9 or not.
> >>>
> >>> I did consider a port but given it would has to touch bits and
> >>> pieces of the source tree (/usr/src), a port would be messy and
> >>> the decision was made
> >>
> >>> to work on importing it into base.
> >>>
> >>>>
> >>>> Why do you want to work on something that people have been
> >>>> trying to remov
> >> e s
> >>>> ince 2005?
> >>>
> >>> I and others have been using it in FreeBSD for over decade. For
> >>> the longest
> >>
> >>> of time we'd use a common set of rules across a FreeBSD and
> >>> Solaris farm (using ipfmeta, makefiles, rsync, rdist, and a
> >>> local CVS repo). Interoperability with other systems which use
> >>> IP Filter is a plus. If there's a maintainer, it only makes
> >>> FreeBSD richer. Losing IP Filter would be a loss.
> >>>
> >>
> >>
> >> If you're committed to maintaining IPFilter, that's great.
> >> However, it can't be left to stagger along in a zombie state
> >> with nothing more than good intentio ns from well meaning people.
> >> What is your timeline for getting it back into sha pe and
> >> re-integrating yourself into the committer community?
> >
> > I would think this would be my top priority right now. I'd like to
> > see it at the latest level in HEAD. I would like to MFC to 9-STABLE
> > at some point.
> >
> > Given that IPF already lives in src/contrib and src/sys/contrib,
> > would the change in License from Darren Reed's own not so BSD
> > friendly IPF license to GPLv2 be of concern. I recall there was a
> > lot of concern over IPF's license change at the time. (FreeBSD
> > moved it to contrib while OpenBSD removed it completely and wrote
> > PF -- I'm not sure what NetBSD did).
>
> FYI, NetBSD has PF from OpenBSD:
>
> http://www.netbsd.org/docs/network/pf.html
>
> Also, they upgraded it to the latest GPL'ed sources recently (and
> moved to a different directory):
>
> http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/external/bsd/ipf/netinet/?only_wi
> th_tag=MAIN
>
> Now they have their own packet filter, called NPF:
>
> http://mail-index.netbsd.org/netbsd-announce/2012/10/17/msg000161.html
>
> They have more choices now. :-)
I'm always (or usually) one for more than fewer choices.
--
Cheers,
Cy Schubert <Cy.Schubert_at_komquats.com>
FreeBSD UNIX: <cy_at_FreeBSD.org> Web: http://www.FreeBSD.org
Received on Mon Apr 15 2013 - 17:52:46 UTC