Date: Thu, 26 Feb 2004 21:56:40 +1100 From: Tim Robbins <tjr@freebsd.org> To: Luigi Rizzo <rizzo@icir.org> Cc: src-committers@FreeBSD.org Subject: Re: cvs commit: src/sys/contrib/pf/net if_pflog.c if_pflog.h if_pfsync.c if_pfsync.h pf.c pf_ioctl.c pf_norm.c pf_osfp.c pf_table.c pfvar.h src/sys/contrib/pf/netinet in4_cksum.c Message-ID: <20040226105640.GA30144@cat.robbins.dropbear.id.au> In-Reply-To: <20040226015016.B23674@xorpc.icir.org> References: <200402260234.i1Q2YDx1014240@repoman.freebsd.org> <20040226060126.GA70201@troutmask.apl.washington.edu> <20040226080517.GA29763@cat.robbins.dropbear.id.au> <20040226015016.B23674@xorpc.icir.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Feb 26, 2004 at 01:50:16AM -0800, Luigi Rizzo wrote: > for what matters, i have posted to -net patches some time ago to extend > ipfw2 to deal with ipv6 packets (thus effectively replacing ipfw6). > No feedback in 6 weeks, to me this looks like lack of interest. > > > problem of having too many firewalls. What I'd like to see is ipfw, > > ipfilter and ip6fw implemented in terms of the pf kernel code, then > > what is the motivation for that ? Features ? Personal taste and features. But now that I think about it, I don't mind terribly much whether the kernel is ipfw2 or pf, so long as I get my features and syntactic sugar, and ideally there be only one firewall interface to the kernel. I don't want to start a bikeshed on which is better, and I don't mean to belittle your work on ipfw2 (or Darren's work on IPFilter). Tim
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040226105640.GA30144>