Date: Mon, 15 Apr 2013 12:15:49 -0700 From: Cy Schubert <Cy.Schubert@komquats.com> To: Scott Long <scott4long@yahoo.com> Cc: Warren Block <wblock@wonkity.com>, "current@freebsd.org" <current@freebsd.org>, darrenr@freebsd.org, Chris Rees <crees@freebsd.org>, Rui Paulo <rpaulo@felyko.com>, "net@freebsd.org" <net@freebsd.org>, "Sam Fourman Jr." <sfourman@gmail.com>, "cpet@sdf.org" <cpet@sdf.org> Subject: Re: ipfilter(4) needs maintainer Message-ID: <201304151915.r3FJFnM1002686@slippy.cwsent.com> In-Reply-To: Message from Scott Long <scott4long@yahoo.com> of "Mon, 15 Apr 2013 12:54:12 -0600." <D6ADE9C6-868A-4524-A6D7-4EB88F9D6287@yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
It was pointed out to me that Darren Reed has changed licenses from his I= P=20 Filter license that's been in IPF since 2005 or so, when he joined Sun, t= o=20 GPLv2 (probably when Darren left when Oracle took over Sun). Given that I= PF=20 already lives in src/contrib and src/sys/contrib due to the 2005 license = change, would that be a problem? If it's OK then I'll maintain it in src.= =20 If not then a port is in order. Having said that, a port would be messy a= s=20 IPF's own install scripts update src/sys/netinet, among other locations. --=20 Cheers, Cy Schubert <Cy.Schubert=40komquats.com> FreeBSD UNIX: <cy=40FreeBSD.org> Web: http://www.FreeBSD.org In message <D6ADE9C6-868A-4524-A6D7-4EB88F9D6287=40yahoo.com>, Scott Long= =20 writes: > The desire to remove it stems from the inability to give it adequate en= gineer > ing=20 > service as the network stack evolves. Simply taking it out of a kernel= confi > g file > doesn't address that problem at all. If it's going to stay in FreeBSD = at all > , it > needs to be maintained. This could be set about a fair amount of stuff= in Fr > eeBSD, > but IPFilter stands out since there's a high rate of needed change happ= ening=20 > in > the network stack, and it shouldn't be left to rot nor to be a stumblin= g bloc > k for > those changes. >=20 > Scott >=20 > On Apr 15, 2013, at 12:49 PM, =22Sam Fourman Jr.=22 <sfourman=40gmail.c= om> wrote: >=20 > > Thank you to those that have expressed interest in maintaining IP Fil= ter.. > >=20 > > My thoughts are, could we consider putting a option in the kernel con= fig, > > and leaving it off by default for GENERIC? > > I think this is a acceptable compromise, considering some people wish= for > > it to be removed. > >=20 > > Sam Fourman Jr. > >=20 > >=20 > > On Mon, Apr 15, 2013 at 1:48 PM, Cy Schubert <Cy.Schubert=40komquats.= com>wrot > e: > >=20 > >> In message <18DF99B0-6E66-4906-A233-7778451B8A92=40felyko.com>, Rui = Paulo > >> writes: > >>> 2013/04/15 9:55=E3=80=81Cy Schubert <Cy.Schubert=40komquats.com> = =E3=81=AE=E3=83=A1=E3=83=83=E3=82=BB=E3=83=BC=E3=82=B8: > >>>=20 > >>>> I've been planning on taking on IP Filter for quite some time. > >>>> Unfortunately I've left my src commit bit lapse (my ports commit b= it is > >>>> alive and well though) thus I'm looking for a mentor. In addition = I'm > >>>> working on an ACER WMI/ACPI kld. One mentor would be preferred but= two > >>>> would be fine too. > >>>=20 > >>> What are your plans regarding ipfilter? I remain unconvinced that i= t > >> should b > >>> e in the base system. Perhaps you can work on it as a port? > >>=20 > >> The initial plan was to import IP Filter 5.1.2 into HEAD. darrenr=40= hadn't > >> done much with IPF while employed with Sun. Since then there has bee= n some > >> development that is long overdue for HEAD. > >>=20 > >> I'm not sure if I'd MFC it into 9 or not. > >>=20 > >> I did consider a port but given it would has to touch bits and piece= s of > >> the source tree (/usr/src), a port would be messy and the decision w= as mad > e > >> to work on importing it into base. > >>=20 > >>>=20 > >>> Why do you want to work on something that people have been trying t= o > >> remove s > >>> ince 2005? > >>=20 > >> I and others have been using it in FreeBSD for over decade. For the = longes > t > >> of time we'd use a common set of rules across a FreeBSD and Solaris = farm > >> (using ipfmeta, makefiles, rsync, rdist, and a local CVS repo). > >> Interoperability with other systems which use IP Filter is a plus. I= f > >> there's a maintainer, it only makes FreeBSD richer. Losing IP Filter= would > >> be a loss. > >>=20 > >>=20 > >> -- > >> Cheers, > >> Cy Schubert <Cy.Schubert=40komquats.com> > >> FreeBSD UNIX: <cy=40FreeBSD.org> Web: http://www.FreeBSD.org > >>=20 > >>=20 > >> _______________________________________________ > >> freebsd-current=40freebsd.org mailing list > >> http://lists.freebsd.org/mailman/listinfo/freebsd-current > >> To unsubscribe, send any mail to =22freebsd-current-unsubscribe=40fr= eebsd.org=22 > >>=20 > >=20 > >=20 > >=20 > > --=20 > >=20 > > Sam Fourman Jr. > > _______________________________________________ > > freebsd-net=40freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-net > > To unsubscribe, send any mail to =22freebsd-net-unsubscribe=40freebsd= .org=22 >=20 >=20
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201304151915.r3FJFnM1002686>