Re: ipfilter(4) needs maintainer

wishmaster wrote:

>  --- Original message ---
> From: "Gary Palmer" <gpalmer@freebsd.org>
> Date: 14 April 2013, 19:06:59
> 
>  
>> On Sun, Apr 14, 2013 at 09:48:33AM -0600, Warren Block wrote:
>>> Is it possible to move ipfilter into a port?
>> That may work short term, but the ENOMAINTAINER problem will quickly creep
>> up again as kernel APIs change.  If the author has lost interest in
>> maintaining the FreeBSD port of ipfilter then unless someone steps forward
>> to carry on the work, I don't see much of a future for ipfilter in
>> FreeBSD
>>
>> Do we honestly need three packet filters?
>   
>     Yes! This is the most clever thought in this thread. Why we need 3 firewalls? Two packet filters it's excess too.
>      We have two packet filters: one with excellent syntax and functionality but with outdated bandwidth control mechanism (aka ALTQ); another - with nice traffic shaper/prioritization (dummynet)/classification (diffused) but with complicated implementation  in not trivial tasks.
>     May be the next step will be discussion about one packet filter in the system?..
> 
> Cheers,
For non-nat ipfw is still superior in every way, numbered rules (think: 
scripts), dummynet, much faster than pf, syntax is a lot nicer and 
predictable...

Does anyone even use ipf? it doesn't even work on Linux anymore, junk it 
and keep pf+ipfw, job done.

_______________________________________________
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"