The desire to remove it stems from the inability to give it adequate engineering service as the network stack evolves. Simply taking it out of a kernel config file doesn't address that problem at all. If it's going to stay in FreeBSD at all, it needs to be maintained. This could be set about a fair amount of stuff in FreeBSD, but IPFilter stands out since there's a high rate of needed change happening in the network stack, and it shouldn't be left to rot nor to be a stumbling block for those changes.
Scott On Apr 15, 2013, at 12:49 PM, "Sam Fourman Jr." <[email protected]> wrote: > Thank you to those that have expressed interest in maintaining IP Filter.. > > My thoughts are, could we consider putting a option in the kernel config, > and leaving it off by default for GENERIC? > I think this is a acceptable compromise, considering some people wish for > it to be removed. > > Sam Fourman Jr. > > > On Mon, Apr 15, 2013 at 1:48 PM, Cy Schubert <[email protected]>wrote: > >> In message <[email protected]>, Rui Paulo >> writes: >>> 2013/04/15 9:55、Cy Schubert <[email protected]> のメッセージ: >>> >>>> I've been planning on taking on IP Filter for quite some time. >>>> Unfortunately I've left my src commit bit lapse (my ports commit bit is >>>> alive and well though) thus I'm looking for a mentor. In addition I'm >>>> working on an ACER WMI/ACPI kld. One mentor would be preferred but two >>>> would be fine too. >>> >>> What are your plans regarding ipfilter? I remain unconvinced that it >> should b >>> e in the base system. Perhaps you can work on it as a port? >> >> The initial plan was to import IP Filter 5.1.2 into HEAD. darrenr@ hadn't >> done much with IPF while employed with Sun. Since then there has been some >> development that is long overdue for HEAD. >> >> I'm not sure if I'd MFC it into 9 or not. >> >> I did consider a port but given it would has to touch bits and pieces of >> the source tree (/usr/src), a port would be messy and the decision was made >> to work on importing it into base. >> >>> >>> Why do you want to work on something that people have been trying to >> remove s >>> ince 2005? >> >> I and others have been using it in FreeBSD for over decade. For the longest >> of time we'd use a common set of rules across a FreeBSD and Solaris farm >> (using ipfmeta, makefiles, rsync, rdist, and a local CVS repo). >> Interoperability with other systems which use IP Filter is a plus. If >> there's a maintainer, it only makes FreeBSD richer. Losing IP Filter would >> be a loss. >> >> >> -- >> Cheers, >> Cy Schubert <[email protected]> >> FreeBSD UNIX: <[email protected]> Web: http://www.FreeBSD.org >> >> >> _______________________________________________ >> [email protected] mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-current >> To unsubscribe, send any mail to "[email protected]" >> > > > > -- > > Sam Fourman Jr. > _______________________________________________ > [email protected] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "[email protected]" _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "[email protected]"
