Date: 19 Jun 1999 16:51:59 +0200 From: Dag-Erling Smorgrav <des@flood.ping.uio.no> To: "Brian F. Feldman" <green@unixhelp.org> Cc: Doug Rabson <dfr@nlsystems.com>, Dag-Erling Smorgrav <des@flood.ping.uio.no>, Ruslan Ermilov <ru@ucb.crimea.ua>, ugen@xonix.com, hackers@FreeBSD.org, luigi@FreeBSD.org Subject: Re: Introduction Message-ID: <xzpvhck8cq8.fsf@flood.ping.uio.no> In-Reply-To: "Brian F. Feldman"'s message of "Sat, 19 Jun 1999 10:22:23 -0400 (EDT)" References: <Pine.BSF.4.10.9906190938220.99153-100000@janus.syracuse.net>
next in thread | previous in thread | raw e-mail | index | archive | help
"Brian F. Feldman" <green@unixhelp.org> writes: > It might be worth (discussion of) making ipfilter the firewall of > choice for 4.0. There would of course be rule conversion > scripts/programs (ipfw->ipf(5)), and ipfilter would be converted to > a KLD, cruft removed (I'm going to work on these), and ipfilter KLD > support (currently options IPFILTER_LKM) made a non-option. It seems > that our pretty proprietary ipfw is no longer a good idea. If ipfilter can to everything ipfw can (judging from ipf(5), it can) and you even manage to keep an ipfw(8) command around so those who want kan keep using the old syntax still can, then I for one have no objections. Rewriting ipfw rules to ipfilter rules on the fly should be trivial; a simple Perl script should be sufficient. DES -- Dag-Erling Smorgrav - des@flood.ping.uio.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzpvhck8cq8.fsf>