Subject: Re: pf as the only one firewall in netbsd?
To: Michal Stepien <firstname.lastname@example.org>
From: Thomas E. Spanjaard <email@example.com>
Date: 04/06/2006 00:06:56
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
Content-Type: text/plain; charset=ISO-8859-2; format=flowed
Michal Stepien wrote:
> On Wed, Apr 05, 2006 at 09:57:19PM +0000, Manuel Bouyer wrote:
>>> I was said that pf is not integrated with netbsd3.0
>>> because developer of netbsd wants to integrate both
>>> pf and ipf with altq. Up to now there is no integration
>> BTW, this is not the exact reason. We'd like an API which is not
>> dependant on pf, so that it can be used with other classifiers than pf.
>> You may want to classify packets on other criteria than content of the
>> IP header, or even non-IP packets. I've done this in the past.
> This what you have said is very interesting. Do you (or other netbsd
> developers) have some plans related to implementation
> of this ideas in near future? Will be netbsd31 a revolution
> in firewall/qos field?
ppostma@ is working on this, even though he doesn't have a lot of time
to dedicate to it. And the changes won't go into 3.1, they might miss
4.0 even if it's not done in time for that. And it wouldn't be a
revolution, just an evolution of what we currently have. It's a logical
step forward to be able to classify more than just inet and inet6.
Thomas E. Spanjaard
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (NetBSD)
-----END PGP SIGNATURE-----