Date: Thu, 26 Feb 2004 10:38:48 +0000 From: Bruce M Simpson <bms@spc.org> To: Eric Masson <e-masson@kisoft-services.com> Cc: Steve Kargl <sgk@troutmask.apl.washington.edu> Subject: Re: cvs commit: src/sys/contrib/pf/net if_pflog.c if_pflog.h if_pfsync.c if_pfsync.h pf.c pf_ioctl.c pf_norm.c pf_osfp.c pf_table.c pfvar.h src/sys/contrib/pf/netinet in4_cksum.c Message-ID: <20040226103848.GB16873@saboteur.dek.spc.org> In-Reply-To: <86y8qq6xc1.fsf@t39bsdems.interne.kisoft-services.com> References: <200402260234.i1Q2YDx1014240@repoman.freebsd.org> <20040226060126.GA70201@troutmask.apl.washington.edu> <20040226061846.GB15864@saboteur.dek.spc.org> <86y8qq6xc1.fsf@t39bsdems.interne.kisoft-services.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Feb 26, 2004 at 09:47:58AM +0100, Eric Masson wrote: > What sort of Evil plans, please ? Well, for one thing, I've been toying with the idea of IPSEC NAT passthrough. This has been raised lately on various London community wireless lists. I'd also like to get some means of filtering KaZaA out of my network. And finding answers to the interesting problems you get when you introduce a unidirectional path into the mix (satellite interfaces with telco/ether return). I feel a fresh codebase and a fresh mandate is needed, though, and pf seems to fit the bill; I personally feel more confident attempting these things with pf than with the existing code. I am also extremely pleased that the enthusiasm generated by the pf import has resulted in other work getting done which we wanted done before 5.3, as well as being appealing to our prospective user base. BMS
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040226103848.GB16873>