From owner-freebsd-current@FreeBSD.ORG Mon Jul 8 13:27:01 2013 Return-Path: Delivered-To: current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id BE8C3839 for ; Mon, 8 Jul 2013 13:27:01 +0000 (UTC) (envelope-from andre@freebsd.org) Received: from c00l3r.networx.ch (c00l3r.networx.ch [62.48.2.2]) by mx1.freebsd.org (Postfix) with ESMTP id 368EB10F5 for ; Mon, 8 Jul 2013 13:27:00 +0000 (UTC) Received: (qmail 61524 invoked from network); 8 Jul 2013 10:18:06 -0000 Received: from unknown (HELO [62.48.0.94]) ([62.48.0.94]) (envelope-sender ) by c00l3r.networx.ch (qmail-ldap-1.03) with SMTP for ; 8 Jul 2013 10:18:06 -0000 Message-ID: <51DA85CF.3000401@freebsd.org> Date: Mon, 08 Jul 2013 11:26:39 +0200 From: Andre Oppermann User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130509 Thunderbird/17.0.6 MIME-Version: 1.0 To: Cy Schubert Subject: Re: Ipfilter pre-Vendor Import Issue References: <201307051838.r65IcL2Q005119@slippy.cwsent.com> In-Reply-To: <201307051838.r65IcL2Q005119@slippy.cwsent.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Gleb Smirnoff , current@freebsd.org X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Jul 2013 13:27:01 -0000 On 05.07.2013 20:38, Cy Schubert wrote: > In message <20130705084649.GC67810@FreeBSD.org>, Gleb Smirnoff writes: >> What I'd prefer to see is the following: >> >> - commit new ipfilter untouched to vendor-sys/ipfilter >> - nuke sys/contrib/ipfilter >> - svn copy vendor-sys/ipfilter to sys/netpfil/ipfilter > > Having ipfilter in one place instead of two (vendor and vendor-sys) makes a > lot more sense. > > I suppose we could put ipfilter's kernel components in sys/netpfil but what > about the userland sources? Also see my reply below regarding keeping it in > contrib. > >> >> In future imports do: >> >> - commit newer ipfilter to vendor-sys/ipfilter >> - svn merge vendor-sys/ipfilter to sys/netpfil/ipfilter >> >> What's the reason to keep code in contrib? > > The reason to keep ipftilter in contrib is to maintain consistency with > other contributed software such as bind, nvi, sendmail, pf, and a host of > other notable software we don't maintain ourselves. Maintaining consistency > with other contributed software should probably be maintained. I'm open to > moving all packet filters, e.g. ipfw, pf, and ipfilter into sys/netpfil as > long as consistency is maintained across the board. > > Do you think we should put the userland sources also in the same location > or should we maintain a similar separation we do today? I'm open to both > however I'd prefer keeping all vendor software (kernel and userland) in one > location. I think the main distinction here is whether the adaptions to FreeBSD are kept local (resulting in almost a fork) or are fed upstream so that successive updates require less or no local changes. Having the kernel part in sys/netpfil certainly makes it easier for kernel people to adjust it to changed realities. IIRC ipfilter also has very messy ifdef's all over the place for every possible ancient version of FreeBSD. This probably should be cleaned up (and upstreamed) as well. -- Andre