Future of pf / firewall in FreeBSD ? - does it have one ?
Cy Schubert
Cy.Schubert at komquats.com
Wed Jul 23 20:08:12 UTC 2014
In message <alpine.LRH.2.11.1407201430030.2748 at nber7.nber.org>, Daniel
Feenberg
writes:
>
>
> On Sun, 20 Jul 2014, Lars Engels wrote:
>
> > On Sun, Jul 20, 2014 at 12:18:54PM +0100, krad wrote:
> >> all of that is true, but you are missing the point. Having two versions of
> >> pf on the bsd's at the user level, is a bad thing. It confuses people,
> >> which puts them off. Its a classic case of divide an conquer for other
> >> platforms. I really like the idea of the openpf version, that has been
> >> mentioned in this thread. It would be awesome if it ended up as a supporte
> d
> >> linux thing as well, so the world could be rid of iptables. However i gues
> s
> >> thats just an unrealistic dream
> >
> > And you don't seem to get the point that _someone_ has to do the work.
> > No one has stepped up so far, so nothing is going to change.
> >
>
> No one with authority has yet said that "If an updated pf were available,
> would be welcomed". Rather they have said "An updated pf would not be
> suitable, as it would be incompatible with existing configuration files".
> If the latter is indeed the case, there is little incentive for anyone
> to go to the effort of porting the newer pf. After all, the reward for
> the work is chiefly in glory, and if there is to be no glory, the work
> is unlikely to be done.
I disagree. One does not do this for the glory. One does this because the
nail hurts enough to do something about it.
--
Cheers,
Cy Schubert <Cy.Schubert at komquats.com>
FreeBSD UNIX: <cy at FreeBSD.org> Web: http://www.FreeBSD.org
The need of the many outweighs the greed of the few.
More information about the freebsd-questions
mailing list