cvs commit: src/sys/contrib/pf/net if_pflog.c if_pflog.h
if_pfsync.c if_pfsync.h pf.c pf_ioctl.c pf_norm.c pf_osfp.c
pf_table.c pfvar.h src/sys/contrib/pf/netinet in4_cksum.c
Tim Robbins
tjr at freebsd.org
Thu Feb 26 02:59:05 PST 2004
On Thu, Feb 26, 2004 at 01:50:16AM -0800, Luigi Rizzo wrote:
> for what matters, i have posted to -net patches some time ago to extend
> ipfw2 to deal with ipv6 packets (thus effectively replacing ipfw6).
> No feedback in 6 weeks, to me this looks like lack of interest.
>
> > problem of having too many firewalls. What I'd like to see is ipfw,
> > ipfilter and ip6fw implemented in terms of the pf kernel code, then
>
> what is the motivation for that ? Features ?
Personal taste and features. But now that I think about it, I don't
mind terribly much whether the kernel is ipfw2 or pf, so long as I
get my features and syntactic sugar, and ideally there be only one
firewall interface to the kernel. I don't want to start a bikeshed
on which is better, and I don't mean to belittle your work on ipfw2
(or Darren's work on IPFilter).
Tim
More information about the cvs-src
mailing list