Future of pf / firewall in FreeBSD ? - does it have one ?

Jerry jerry at seibercom.net
Thu Jul 31 12:42:17 UTC 2014

On Thu, 31 Jul 2014 22:02:22 +1000, Da Rock stated:

>Without diminishing your efforts so far, what do you think about 
>pitching all efforts into IPFW to combine effort and reduce overhead of 
>maintaining separate firewalls in the core? Is there an advantage to 
>having our own pf?

The advantage is obvious -- you would have total control over the code. The
disadvantage is that there is no one else to blame if it goes south.

I use IPFW exclusively. I am by no means an expert, but I have figured out
how to get it working without having to read reams of documentation. There
are several examples that can be used and boilerplate's to be found on the
FreeBSD site. I believe that those examples could be updated and perhaps a
few others added, but it is certainly a good start.

I have always believed that if you are not going to do something right, then
don't do it at all. Continuing to maintain an application that is not fully
functional, and lets face it, "state of the art", is just an example of

There are always going to be those 10% of users who are going to bitch and
moan like a group of whiny high school girls. Forget them. They will
eventually get on board. Hell, there are morons who would consider this a
lèse majesté, as they no doubt did when cities changed from gas lights to
electric one.

The inability or unwillingness to evolve and change leads to extinction.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20140731/f6bb52f7/attachment.sig>

More information about the freebsd-questions mailing list