Date: Wed, 23 Jul 2014 13:08:05 -0700 From: Cy Schubert <Cy.Schubert@komquats.com> To: Daniel Feenberg <feenberg@nber.org> Cc: krad <kraduk@gmail.com>, Lars Engels <lars.engels@0x20.net>, freebsd-current@freebsd.org, Stephen Hurd <shurd@sasktel.net>, Gleb Smirnoff <glebius@freebsd.org>, =?ISO-8859-15?Q?Gerrit_K=FChn?= <gerrit.kuehn@aei.mpg.de>, FreeBSD Mailing List <freebsd-questions@freebsd.org>, Matt Bettinger <iamatt@gmail.com> Subject: Re: Future of pf / firewall in FreeBSD ? - does it have one ? Message-ID: <201407232008.s6NK87MX091253@slippy.cwsent.com> In-Reply-To: Message from Daniel Feenberg <feenberg@nber.org> of "Sun, 20 Jul 2014 14:35:26 -0400." <alpine.LRH.2.11.1407201430030.2748@nber7.nber.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <alpine.LRH.2.11.1407201430030.2748@nber7.nber.org>, Daniel Feenberg writes: > > > On Sun, 20 Jul 2014, Lars Engels wrote: > > > On Sun, Jul 20, 2014 at 12:18:54PM +0100, krad wrote: > >> all of that is true, but you are missing the point. Having two versions of > >> pf on the bsd's at the user level, is a bad thing. It confuses people, > >> which puts them off. Its a classic case of divide an conquer for other > >> platforms. I really like the idea of the openpf version, that has been > >> mentioned in this thread. It would be awesome if it ended up as a supporte > d > >> linux thing as well, so the world could be rid of iptables. However i gues > s > >> thats just an unrealistic dream > > > > And you don't seem to get the point that _someone_ has to do the work. > > No one has stepped up so far, so nothing is going to change. > > > > No one with authority has yet said that "If an updated pf were available, > would be welcomed". Rather they have said "An updated pf would not be > suitable, as it would be incompatible with existing configuration files". > If the latter is indeed the case, there is little incentive for anyone > to go to the effort of porting the newer pf. After all, the reward for > the work is chiefly in glory, and if there is to be no glory, the work > is unlikely to be done. I disagree. One does not do this for the glory. One does this because the nail hurts enough to do something about it. -- Cheers, Cy Schubert <Cy.Schubert@komquats.com> FreeBSD UNIX: <cy@FreeBSD.org> Web: http://www.FreeBSD.org The need of the many outweighs the greed of the few.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201407232008.s6NK87MX091253>