Date: Mon, 15 Apr 2013 00:25:07 +0200 From: Mark Martinec <Mark.Martinec+freebsd@ijs.si> To: freebsd-net@freebsd.org, current@freebsd.org Subject: Re: ipfilter(4) needs maintainer Message-ID: <201304150025.07337.Mark.Martinec%2Bfreebsd@ijs.si> In-Reply-To: <36562.1365960622.5652758659450863616@ffe10.ukr.net> References: <20130411201805.GD76816@FreeBSD.org> <20130414160648.GD96431@in-addr.com> <36562.1365960622.5652758659450863616@ffe10.ukr.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sunday April 14 2013 19:30:22 wishmaster wrote: > > Do we honestly need three packet filters? > Yes! This is the most clever thought in this thread. Why we need 3 > firewalls? Two packet filters it's excess too. We have two packet filters: > one with excellent syntax and functionality but with outdated bandwidth > control mechanism (aka ALTQ); another - with nice traffic > shaper/prioritization (dummynet)/classification (diffused) but with > complicated implementation in not trivial tasks. May be the next step > will be discussion about one packet filter in the system?.. ... and as far as I can tell none of them is currently usable on an IPv6-only FreeBSD (like protecting a host with sshguard), none of them supports stateful NAT64, nor IPv6 prefix translation :( Mark
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201304150025.07337.Mark.Martinec%2Bfreebsd>