On Thu, May 02, 2013 at 10:35:19AM +0200, Franco Fichtner wrote: > > as stated before, breaking down complexity to the bare minimum is my > requirement for this to be happening at all. You all get to be the > judges. I'm just trying to work on something worth doing. > > > The last thing we want it a rotting pile of protocol parsing code like > > wireshark. > > Case closed then? I don't know how to argue with that. >
IMHO, don't ask and don't argue. If you need DPI in pf (or whatever), write it *for you*, then use it for *your needs*. If one day you feel it could be useful to others, share the code and someone may like it. Speaking of complexity, OpenBSD already has plenty of complicated kernel code that could run in user-mode but it's in the kernel because it was easier that way, or the author thought it's faster that way or ports expect it to be that way. -- Alexandre
