svn commit: r240494 - in head: contrib/pf/man contrib/pf/pfctl include sbin/pfctl sbin/pfctl/missing share/man/man4 share/man/man5 sys/conf sys/contrib/pf sys/modules/dummynet sys/modules/ipfw sys/...

[Andre Oppermann]

On 13.11.2012 10:17, Gleb Smirnoff wrote:
> On Mon, Nov 12, 2012 at 06:11:40PM -0800, David O'Brien wrote:
> D> On Fri, Sep 14, 2012 at 11:51:51AM +0000, Gleb Smirnoff wrote:
> D> > Log:
> D> >   o Create directory sys/netpfil, where all packet filters should
> D> >     reside, and move there ipfw(4) and pf(4).
> D> >   o Move most modified parts of pf out of contrib.
> D>
> D> Why didn't contrib/ipfilter/ move to sys/netpfil/ as well?
> D>
> D> Having 1/3 of our packet filters not there (sys/netpfil) might suggest we
> D> shouldn't create sys/netpfil/
>
> ipfilter is really selfcontained and is a contrib code.

Though it can't decide whether to really live in contrib or
as part of FreeBSD.  Also it hasn't been updated in a long
time and the official version has progressed quite a bit.

IMHO the version we have should either go away and be replaced
with a fresh up to date import through the vendor channel, or
move to netpfil.

Would be a great task for a junior kernel hacker.

-- 
Andre