Date: Thu, 31 Jul 2014 08:42:04 -0400 From: Jerry <jerry@seibercom.net> To: freebsd-questions@freebsd.org Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? Message-ID: <20140731084204.70f54672@scorpio> In-Reply-To: <53DA304E.6020105@herveybayaustralia.com.au> References: <53C706C9.6090506@com.jkkn.dk> <6326AB9D-C19A-434B-9681-380486C037E2@lastsummer.de> <53CB4736.90809@bluerosetech.com> <201407200939020335.0017641F@smtp.24cl.home> <788274E2-7D66-45D9-89F6-81E8C2615D14@lastsummer.de> <201407201230590265.00B479C4@smtp.24cl.home> <20140729103512.GC89995@FreeBSD.org> <53DA304E.6020105@herveybayaustralia.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
--Sig_/vWUJ9q_pKmFllUy+DadfN_D Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On Thu, 31 Jul 2014 22:02:22 +1000, Da Rock stated: >Without diminishing your efforts so far, what do you think about=20 >pitching all efforts into IPFW to combine effort and reduce overhead of=20 >maintaining separate firewalls in the core? Is there an advantage to=20 >having our own pf? The advantage is obvious -- you would have total control over the code. The disadvantage is that there is no one else to blame if it goes south. I use IPFW exclusively. I am by no means an expert, but I have figured out how to get it working without having to read reams of documentation. There are several examples that can be used and boilerplate's to be found on the FreeBSD site. I believe that those examples could be updated and perhaps a few others added, but it is certainly a good start. I have always believed that if you are not going to do something right, then don't do it at all. Continuing to maintain an application that is not fully functional, and lets face it, "state of the art", is just an example of futility. There are always going to be those 10% of users who are going to bitch and moan like a group of whiny high school girls. Forget them. They will eventually get on board. Hell, there are morons who would consider this a l=C3=A8se majest=C3=A9, as they no doubt did when cities changed from gas l= ights to electric one. The inability or unwillingness to evolve and change leads to extinction. --=20 Jerry --Sig_/vWUJ9q_pKmFllUy+DadfN_D Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBAgAGBQJT2jmlAAoJEElTsHIJnX8e+nEH/iYSePb2IXYlcgzjYNn/qrKh VpLHJQtgUaiRu6WkzmY62BSuECBGdI2FPvCaj0JGHUyewiPVixli+1GgTfKkjxMe p5mBE/1Bqq6Bvq6enxon4wtQB68f0KDHyiRVPS0eHKMruiaSMzYYMZAlPPBGVFnq LASpH+BgVrwCHONiif5r+Lz0CJBnz8FYwLsOgR9azxfh3B4keKAzY+7Rhpn6rksL 1y2dxC0pELwKdxEOKFiXnNL7GhS29bdiRPUdoLAYSrg5gIyKTui8gzxX8736j5H8 z8xpHIX/UPrwUBeoYyQddnaUajWugNtqKHYXtwNnriqL/1FnxYvsgRfkDPGIH0s= =uJoW -----END PGP SIGNATURE----- --Sig_/vWUJ9q_pKmFllUy+DadfN_D--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140731084204.70f54672>