Bennett wrote:
This answers one of my biggest questions about the fork. I've been
fixated on the package system (though my previous mention of it was
brief), thinking it was a solution for both projects. I had envisioned
moving everything that isn't a core feature into an optional module.
Instead of "m0n0wall is too resource-intensive to run on microsystem X,"
you get "m0n0wall will run on microsystem X with features A, B, and C,
but not D." I wasn't aware that m0n0wall's file system makes this whole
idea infeasible. Perhaps I should troll the m0n0wall list... :)
go for it. You'd still get me replying to your messages, with the same
stuff mostly. :)
But it'll never change to be a full blown hard drive install, and that's
precisely where the split between the two is justified. I personally
think the embedded pfsense image should be dropped when/if m0n0wall gets
on FreeBSD 6. At that point, depending on where m0n0wall 1.3 ends up,
it may very well be a wasted effort to put out an embedded image where
that's m0n0wall's territory and where it excels.
Still, I think moving EVERY non-core feature (e.g., captive portal, load
balancing, CARP, even VPN) into an optional module is the way to go for
pfSense. Then, only the features a user needs are installed.
Umm, no. Virtually all of that is in-kernel stuff, so the only thing
(most of it at least) you could "add on" would be the GUI pages. No
sense in separating that.
I also got the impression from the pfSense FAQs (yes, I did do some
research before posting) that there was a bit more code sharing than
there actually is, so I thought the projects were not quite as separate
as they are. I understand now that that is not the case, and hence my
concerns about patchy code were unjustified. Furthermore, Colin said
it's a "one-way street" (which I assume goes from pfSense to m0n0?),
No, the other way around actually. I don't think a single line of
pfsense code has made it into m0n0wall at this point. That'll likely
happen more once work on 1.3 gets going.
so
there's no duplicated work since m0n0wall can incorporate, say, the
certificate manager that pfSense has already developed.
well, not really for many of the things at this point. the back end of
the certificate manager is, iirc, almost as big as the entire m0n0wall
image. At any rate, it's far too large for the way the file system
currently works. that's true of many other things as well that I'm not
recalling ATM..
