Date: Mon, 15 Apr 2013 13:12:39 -0700 From: Cy Schubert <Cy.Schubert@komquats.com> To: Gleb Smirnoff <glebius@FreeBSD.org> Cc: Warren Block <wblock@wonkity.com>, Scott Long <scott4long@yahoo.com>, "current@freebsd.org" <current@freebsd.org>, Chris Rees <crees@freebsd.org>, Rui Paulo <rpaulo@felyko.com>, "net@freebsd.org" <net@freebsd.org>, "cpet@sdf.org" <cpet@sdf.org> Subject: Re: ipfilter(4) needs maintainer Message-ID: <201304152012.r3FKCdI3085567@slippy.cwsent.com> In-Reply-To: Message from Gleb Smirnoff <glebius@FreeBSD.org> of "Mon, 15 Apr 2013 23:55:44 %2B0400." <20130415195544.GY76816@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <20130415195544.GY76816@FreeBSD.org>, Gleb Smirnoff writes: > Cy, > > good news that you volunteered to work on this! > > On Mon, Apr 15, 2013 at 10:48:43AM -0700, Cy Schubert wrote: > C> The initial plan was to import IP Filter 5.1.2 into HEAD. darrenr@ hadn't > C> done much with IPF while employed with Sun. Since then there has been some > > C> development that is long overdue for HEAD. > > The problem is that v5.1.2 is under GPL. I'm afraid we should update > to v4.1.34 only, and then stick to it. So the nearest TODO list > is smth like: > > - update to v4.1.34 > - cleanse old kernel APIs (timeout(9) at least) > - fix VIMAGE > - review open PRs (some might should be closed) > - since we do not expect more imports, may be cleanse non-FreeBSD stuff > from there? > - maybe move it into sys/netpfil? Need to consult imp@ on that. License > is very closed to BSD, but has some additions. A small step in the right direction is a good thing. I'll run the patches by you first. The existing license isn't that BSD-friendly either, which is why it lives in contrib/. I think the 5.1.X GPLv2 is about the same friendliness as Darren's IPF 4.1.X license. As long as it's not in GENERIC should be fine. A person can always load it anyway. > > C> I'm not sure if I'd MFC it into 9 or not. > > This is up to you, but be adviced that head already differs from stable/9, > for example network stack is entirely in network byte order. So merging > would require a lot of attention and testing. > > C> I did consider a port but given it would has to touch bits and pieces of > C> the source tree (/usr/src), a port would be messy and the decision was mad > e > C> to work on importing it into base. > > Port isn't an option. IPFilter is too close to many kernel APIs, that > can change quickly. Agreed. I looked at it a few months ago and determined that src is where it should be. (I put it aside, getting ACER WMI/ACPI working on my new Acer laptop was my priority at the time.) -- Cheers, Cy Schubert <Cy.Schubert@komquats.com> FreeBSD UNIX: <cy@FreeBSD.org> Web: http://www.FreeBSD.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201304152012.r3FKCdI3085567>