Date: Sat, 13 Apr 2013 10:43:11 -0700 From: Rui Paulo <rpaulo@FreeBSD.org> To: Scott Long <scottl@samsco.org> Cc: Gleb Smirnoff <glebius@FreeBSD.org>, "current@freebsd.org" <current@FreeBSD.org>, "net@freebsd.org" <net@FreeBSD.org> Subject: Re: ipfilter(4) needs maintainer Message-ID: <2D0B66DB-E232-4F34-9D01-57DF226B9BAA@FreeBSD.org> In-Reply-To: <6DEDD3EA-45C1-4549-AA13-5E4F6674BE3E@samsco.org> References: <20130411201805.GD76816@FreeBSD.org> <7D8ACD5C-821D-4505-82E4-02267A7BA4F8@FreeBSD.org> <E2F803DD-1F3A-430E-957F-7AB1904CDF42@samsco.org> <96D56EAE-E797-429E-AEC9-42B19B048CCC@FreeBSD.org> <6DEDD3EA-45C1-4549-AA13-5E4F6674BE3E@samsco.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2013/04/13, at 5:03, Scott Long <scottl@samsco.org> wrote: > You target audience for this isn't people who track CURRENT, it's = people who are on 7, 8, or 9 and looking to update to 10.x sometime in = the future. Yes, I'm aware of that, but the problem remains. If ipfilter is broken = or gets broken because of the networking stack changes, we'll have to = fix it to keep the deprecation path going... >>> So with that said, would it be possible to write some tutorials on = how to migrate an ipfilter installation to pf? Maybe some mechanical = syntax docs accompanied by a few case studies? Is it possible for a = script to automate some of the common mechanical changes? Also = essential is a clear document on what goes away with ipfilter and what = is gained with pf. Once those tools are written, I suggest announcing = that ipfilter is available but deprecated/unsupported in FreeBSD 10, and = will be removed from FreeBSD 11. Certain people will still pitch a fit = about it departing, but if the tools are there to help the common users, = you'll be successful in winning mindshare and general support. >>=20 >>=20 >> It's not very difficult to switch an ipf.conf/ipnat.conf to a = pf.conf, but I'm not sure automated tools exist. I'm also not convinced = we need to write them and I think the issue can be deal with by writing = a bunch of examples on how to do it manually. Then we can give people 1y = to switch. >>=20 >=20 > Please believe me that no matter how trivial you think the switch is, = a migration guide still needs to be written. A migration *guide*, yes. Tools to convert one syntax to another: no. Regards, -- Rui Paulo
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2D0B66DB-E232-4F34-9D01-57DF226B9BAA>