Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 26 Feb 2004 09:58:01 -0800
From:      Steve Kargl <sgk@troutmask.apl.washington.edu>
To:        Jeremy Messenger <mezz7@cox.net>
Cc:        cvs-all@freebsd.org
Subject:   Re: cvs commit: src/sys/contrib/pf/net if_pflog.c if_pflog.h if_pfsync.c if_pfsync.h pf.c pf_ioctl.c pf_norm.c pf_osfp.c pf_table.c pfvar.h src/sys/contrib/pf/netinet in4_cksum.c
Message-ID:  <20040226175801.GA73761@troutmask.apl.washington.edu>
In-Reply-To: <opr3yrbql98ckrg5@smtp.central.cox.net>
References:  <200402260234.i1Q2YDx1014240@repoman.freebsd.org> <20040226060126.GA70201@troutmask.apl.washington.edu> <opr3yrbql98ckrg5@smtp.central.cox.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Thu, Feb 26, 2004 at 12:08:04AM -0600, Jeremy Messenger wrote:
> On Wed, 25 Feb 2004 22:01:26 -0800, Steve Kargl 
> <sgk@troutmask.apl.washington.edu> wrote:
> 
>>On Wed, Feb 25, 2004 at 06:34:13PM -0800, Max Laier wrote:
>>>mlaier      2004/02/25 18:34:12 PST
>>>
>>>  FreeBSD src repository
>>>
>>>  Modified files:
>>>    sys/contrib/pf/net   if_pflog.c if_pflog.h if_pfsync.c
>>>                         if_pfsync.h pf.c pf_ioctl.c pf_norm.c
>>>                         pf_osfp.c pf_table.c pfvar.h
>>>    sys/contrib/pf/netinet in4_cksum.c
>>>  Log:
>>>  Bring diff from the security/pf port. This has code been tested as a port
>>>  for a long time and is run in production use. This is the code present in
>>>  portversion 2.03 with some additional tweaks.
>>
>>
>> Was this import discussed on arch@ or current@?  We now have ipfw, 
>> ipfilter, and pf in the base system.  How many more firewall packages are
>> we going to import into the base system?  Are you going to remove ipfw
>> or ipfilter? Is there a NO_PF make.conf knob?
> 
> http://lists.freebsd.org/mailman/htdig/cvs-src/2004-February/018320.html
> 

This does not look like a discussion concerning the merits/drawbacks
of pf over the other packet filters in the tree.   The commit message
states the pf was in the Ports Collection.  Why bring it into the base
system?  Also, are there plans to retire the other filters or to at
least unify pf with the others?

-- 
Steve

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040226175801.GA73761>