I personaly am dedicated to the idea of a floppy based bering, but I find that using 2
floppies is no big deal. I'm also sure that as other technologies that preserve the
simple and fulproof physical write protect concept with the floppy based installs, we
can allow the size to grow.
As to new features, about the only thing I am heavely interested and commited to is
the configuration side of things we have been discussing for some time.
You have done a fantastic job Jacques! Thanks!
Richard
-----Original Message-----
From: Jacques Nilo [mailto:[EMAIL PROTECTED]]
Sent: Sun 2/16/2003 10:43 AM
To: Eric de Thouars; [EMAIL PROTECTED]
Cc:
Subject: [leaf-devel] The future of Bering
Le Dimanche 16 Février 2003 13:00, vous avez écrit :
Hi Eric:
Shorewall is indeed a key element of Bering. When I started the work on
Bering (back in November 2001) I was having the following ideas in mind:
- get rid of D. Cinege's LRP kernel patches which were unecessary and made it
difficult to follow kernel development
- do not reengineer the wheel, that is rely on existing well documented and
well supported software. That is why I have chosen Shorewall for the firewall
part of Bering from the very begining and that is also why I have been trying
to stick as much as I can to the Debian standards
- try to write a good documentation (that is probably one of the first reason
why Bering has been catching-up rather quickly)
Tom has released Shorewall 1.3.14 that will be the last version of Shorewall
using ash. I am about to release Bering 1.1 that will be 2.4.20 kernel based
and will be using Shorewall 1.3.14.
Bering appears fairly stable for the time being and I do not have further
plans in mind at this stage.
Possible scenarios are:
1/ Bering sticks to Shorewall 1.x if someone takes over Tom the maintenance
of this version
2/ Bering switches to the new 2.0 version of Shorewall as soon it will be
available: it will probably imply to get rid of the single floppy router
concept and use either a two floppies or a CD-rom approach. In which case I
would also switch to 2.2.5 libc. That is at this stage what I would
personally favour
3/ Switch to another firewall package. The modular design of Bering makes it
very easy to use another iptable based firewall.
As far as you idea is concerned I think that if you succeed to extend
Shorewall with IPv6 capabilities that would be definitly a vey attractive
approach. Otherwise it may be simpler to offer, as an alternative package to
Shorewall, an IPv6 firewall.
Jacques
> Hi Jacques,
>
> As you may have noticed from the leaf-user list I've been working on IPv6
> with Bering. I now have ip6tables working with uClibc and want to start
> with IPv6 firewalling. On eof the options is to write a set of ip6tables
> rules (the Dachstein-way) or to use some kind of wrap around ip6tables,
> like Shorewall.
>
> My personal preference would be to extend Shorewall with IPv6 filtrering
> capabilities, but I recently read on one of the leaf mailing lists that Tom
> Eastep will be moving to a newer release of Shorewall which may not be
> suitable for LEAF anymore.
>
> Before I start hacking away to extend Shorewall with IPv6 capabilities I
> would like so hear from you about future plans for Bering and Shorewall. I
> recently joined the Bering-uClibc team and this work may end up in some
> future release of Bering-uClibc so I don't want to head off in a totally
> different way than Bering is.
>
> Any feedback from you is very welcome.
>
> - Eric.
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
leaf-devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-devel
None
N�¬±ù޵隊X¬²š'²ŠÞu¼“†)ä�ç¤Yé\¢g¢�ž’�š½éá¶ÚþØbžH�zG(›û�•æŸuëÞ–f¢–)à–+-•æŸuëÞ–X¬¶Ë(º·�~Šàzw†Ûi³ÿåŠËl²‹«qçè®�§zßåŠËlþX¬¶)ߣù^i÷^½é
