Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 31 Jul 2014 08:42:04 -0400
From:      Jerry <>
Subject:   Re: Future of pf / firewall in FreeBSD ? - does it have one ?
Message-ID:  <20140731084204.70f54672@scorpio>
In-Reply-To: <>
References:  <> <> <> <201407200939020335.0017641F@smtp.24cl.home> <> <201407201230590265.00B479C4@smtp.24cl.home> <> <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

On Thu, 31 Jul 2014 22:02:22 +1000, Da Rock stated:

>Without diminishing your efforts so far, what do you think about=20
>pitching all efforts into IPFW to combine effort and reduce overhead of=20
>maintaining separate firewalls in the core? Is there an advantage to=20
>having our own pf?

The advantage is obvious -- you would have total control over the code. The
disadvantage is that there is no one else to blame if it goes south.

I use IPFW exclusively. I am by no means an expert, but I have figured out
how to get it working without having to read reams of documentation. There
are several examples that can be used and boilerplate's to be found on the
FreeBSD site. I believe that those examples could be updated and perhaps a
few others added, but it is certainly a good start.

I have always believed that if you are not going to do something right, then
don't do it at all. Continuing to maintain an application that is not fully
functional, and lets face it, "state of the art", is just an example of

There are always going to be those 10% of users who are going to bitch and
moan like a group of whiny high school girls. Forget them. They will
eventually get on board. Hell, there are morons who would consider this a
l=C3=A8se majest=C3=A9, as they no doubt did when cities changed from gas l=
ights to
electric one.

The inability or unwillingness to evolve and change leads to extinction.


Content-Type: application/pgp-signature; name=signature.asc
Content-Disposition: attachment; filename=signature.asc

Version: GnuPG v2



Want to link to this message? Use this URL: <>