From owner-freebsd-current@FreeBSD.ORG Wed Jul 23 12:48:37 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1F0BDCE9 for ; Wed, 23 Jul 2014 12:48:37 +0000 (UTC) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DEEEE2714 for ; Wed, 23 Jul 2014 12:48:36 +0000 (UTC) Received: from compute4.internal (compute4.nyi.mail.srv.osa [10.202.2.44]) by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id F168320DC4 for ; Wed, 23 Jul 2014 08:40:39 -0400 (EDT) Received: from frontend2 ([10.202.2.161]) by compute4.internal (MEProxy); Wed, 23 Jul 2014 08:40:39 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:date:from:mime-version:to :subject:references:in-reply-to:content-type :content-transfer-encoding; s=smtpout; bh=XEqajaAdxI3rVVGyd1H4qX 0CwsM=; b=Q8aARzNiQTmcQoDN8nn65QuOAU4bBFy+j/25kbGtHlplQTl9lMbD+F GiV170J6l9YY+0cEeufIzl96sz3KM3gcJcy7SXyAE1oa+VN4IAla9nrSzP9aHYGr s7D35VvnHzE5lXtDy2mExxQPeaS4Oq/xNzd/ktxC3O0x8h9adl/Ac= X-Sasl-enc: pEvCfFtN8k+NnUJeN62epOq3Mc6pkvCLlwDJa07t1peQ 1406119239 Received: from [192.168.1.31] (unknown [203.206.138.26]) by mail.messagingengine.com (Postfix) with ESMTPA id 4A99E6801AE for ; Wed, 23 Jul 2014 08:40:39 -0400 (EDT) Message-ID: <53CFAD48.1090902@freebsd.org> Date: Wed, 23 Jul 2014 22:40:40 +1000 From: Darren Reed User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 MIME-Version: 1.0 To: freebsd-current@freebsd.org Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? References: <53C706C9.6090506@com.jkkn.dk> <20140718110645.GN87212@FreeBSD.org> <20140718151255.b3e677d9.gerrit.kuehn@aei.mpg.de> <53CA2D39.6000204@sasktel.net> <86fvhvrgfc.fsf@srvbsdfenssv.interne.associated-bears.org> In-Reply-To: <86fvhvrgfc.fsf@srvbsdfenssv.interne.associated-bears.org> X-Enigmail-Version: 1.6 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Jul 2014 12:48:37 -0000 On 21/07/2014 5:14 AM, Eric Masson wrote: > krad writes: > > Hi, > >> I really like the idea of the openpf version, that has been mentioned >> in this thread. > It would be nice but as it's been written in this thread, Open & Free > internals are quite different beasts, goals are different on both > platforms, so I doubt OpenPF will exist in the future. > >> It would be awesome if it ended up as a supported linux thing as well, >> so the world could be rid of iptables. > Linux world will get rid of iptables one of these days, nftables > inclusion in mainline is a clear signal. > And the design behind nftables is similar to that of NetBSD's npf. Darren