From owner-freebsd-stable  Mon Jan 28  8:16:58 2002
Delivered-To: freebsd-stable@freebsd.org
Received: from mail7.nc.rr.com (fe7.southeast.rr.com [24.93.67.54])
	by hub.freebsd.org (Postfix) with ESMTP id 44D2A37B400
	for <stable@freebsd.org>; Mon, 28 Jan 2002 08:16:55 -0800 (PST)
Received: from i8k.babbleon.org ([66.57.85.154]) by mail7.nc.rr.com  with Microsoft SMTPSVC(5.5.1877.687.68);
	 Mon, 28 Jan 2002 10:14:29 -0500
Received: by i8k.babbleon.org (Postfix, from userid 111)
	id 92F0A4032; Mon, 28 Jan 2002 10:12:20 -0500 (EST)
Content-Type: text/plain;
  charset="iso-8859-1"
From: Brian T.Schellenberger <bts@babbleon.org>
To: Cliff Sarginson <cliff@raggedclown.net>, stable@FreeBSD.ORG
Subject: Re: Firewall config non-intuitiveness
Date: Mon, 28 Jan 2002 10:12:20 -0500
X-Mailer: KMail [version 1.3]
References: <20020127220923.B1494@shell.gsinet.sittig.org> <20020128135643.GH33952@madman.nectar.cc> <20020128145517.GB1907@raggedclown.net>
In-Reply-To: <20020128145517.GB1907@raggedclown.net>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Message-Id: <20020128151220.92F0A4032@i8k.babbleon.org>
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-stable.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-stable>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-stable>
X-Loop: FreeBSD.ORG

On Monday 28 January 2002 09:55 am, Cliff Sarginson wrote:
> On Mon, Jan 28, 2002 at 07:56:43AM -0600, Jacques A. Vidrine wrote:

> > > Perhaps we are just too dumb.
> >
> > Or perhaps there has been no effective case made for a change.
>
> In your opinion.

I think there's more than an opinion at work here because . . .

> The case has been made, clearly and coherently.

But by definition not effectively if the change isn't actually going to be 
made.

> In my opinion.
> Opinions are wonderful things.
> People hold onto them so dearly, and proclaim them so loudly :)
> It is clear that the current situation is a) satisfactory to the
> old-guard who don't want even the smallest detail changed and
> b)unsatisfactory to dumb newcomers who are asking that something
> makes sense (sense in the English Language).


Speaking as a sort of "nuetral bystander" who found the old way quirky but 
understandable, I'd say that the new proposal *would* be more logical, but at 
the same time it is always good to be careful about changing the definiation 
of something within a minor release.

So why not put together a simple proposal with a justification and submit it 
to, say, the security list or perhaps even the hackers list as a proposal for 
FreeBSD 5.0?

And for 4.x some documentation clarification is surely in order.  (Though I 
must admit I found the current documentation adaquate for myself--the big 
note in the kernel config file conveyed the situation to me sufficiently.)  
Perhaps a note in /etc/defeaults/rc.conf or something?

-- 
Brian T. Schellenberger . . . . . . .   bts@wnt.sas.com (work)
Brian, the man from Babble-On . . . .   bts@babbleon.org (personal)
                                        http://www.babbleon.org

-------> Free Dmitry Sklyarov!  (let him go home)  <-----------

http://www.eff.org                 http://www.programming-freedom.org 

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message