"Brian F. Feldman" <gr...@unixhelp.org> writes: > It might be worth (discussion of) making ipfilter the firewall of > choice for 4.0. There would of course be rule conversion > scripts/programs (ipfw->ipf(5)), and ipfilter would be converted to > a KLD, cruft removed (I'm going to work on these), and ipfilter KLD > support (currently options IPFILTER_LKM) made a non-option. It seems > that our pretty proprietary ipfw is no longer a good idea.
If ipfilter can to everything ipfw can (judging from ipf(5), it can) and you even manage to keep an ipfw(8) command around so those who want kan keep using the old syntax still can, then I for one have no objections. Rewriting ipfw rules to ipfilter rules on the fly should be trivial; a simple Perl script should be sufficient. DES -- Dag-Erling Smorgrav - d...@flood.ping.uio.no To Unsubscribe: send mail to majord...@freebsd.org with "unsubscribe freebsd-hackers" in the body of the message