From owner-freebsd-hackers  Mon Aug 19 00:04:00 1996
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id AAA23866
          for hackers-outgoing; Mon, 19 Aug 1996 00:04:00 -0700 (PDT)
Received: from critter.tfs.com ([140.145.230.252])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id AAA23855;
          Mon, 19 Aug 1996 00:03:57 -0700 (PDT)
Received: from critter.tfs.com (localhost.tfs.com [127.0.0.1]) by critter.tfs.com (8.7.5/8.7.3) with ESMTP id HAA07038; Mon, 19 Aug 1996 07:36:09 +0200 (MET DST)
To: Darren Reed <avalon@coombs.anu.edu.au>
cc: imp@village.org (Warner Losh), jkh@time.cdrom.com,
        ugen@latte.worldbank.org, hackers@freebsd.org
Subject: Re: ipfw vs ipfilter 
In-reply-to: Your message of "Mon, 19 Aug 1996 07:50:05 +1000."
             <199608182150.OAA14811@freefall.freebsd.org> 
Date: Mon, 19 Aug 1996 07:36:08 +0200
Message-ID: <7036.840432968@critter.tfs.com>
From: Poul-Henning Kamp <phk@critter.tfs.com>
Sender: owner-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

>IP Filter has its own set of regression tests, which you can verify yourself
>and then against a test run, if you like.  Not to mention that this has
>helped find bugs.  Both rule parsing and rule processing are tested for
>correctness.  This is seen in neither ipfw or ipfwadm for FreeBSD/Linux.
>In a security concious world, how can you not want to be sure of something
>like this ?

Uhm, aren't people overlooking the obvious here:  We can have both,
and the user can choose.  That was my hope at least.

--
Poul-Henning Kamp           | phk@FreeBSD.ORG       FreeBSD Core-team.
http://www.freebsd.org/~phk | phk@login.dknet.dk    Private mailbox.
whois: [PHK]                | phk@ref.tfs.com       TRW Financial Systems, Inc.
Future will arrive by its own means, progress not so.