Contributed by jose on from the possible-improvements-for-pf dept.
The possibilities with tighter IPsec integration are interesting, and it will be interesting to see if PF gets included here and what new features and improvements get pulled in.
(Comments are closed)
By Anonymous Coward () on
Comments
By Anonymous Coward () on
By Matt () on
Darren has such a reputation for being a troll that it's hard to take him seriously when he may have a valid point. Too much integration can be a bad thing (think Windows and internet explorer) but i'm not about to tell the pf dev team they don't know what they're doing. I'm sure they've weighed the pros and cons of tieing the two software packages so closely together.
By Jadipai () on
By krh () on
If you really want to pick on him, you can find better examples. :-)
Comments
By Anonymous Coward () on
As we didn't understood that he was afraid to see another filter on netbsd.
His ipf has been removed from OpenBSD and is competing with ipfw on FreeBSD.
He just try to keep some places where ipf is still safe from competitors.
By Anonymous Coward () on
By Anonymous Coward () on
Point is that Darren does bring some valid points. However he is not non-biased. Rather a lot biased. His flame that PF is not mature should not be responsed to. It's common bullshit.
I see no point in giving NetBSD users NOT the choice by default between PF and IPF. We're not talking about default here, the user has the power to chose one of the 2 default packet filters.
By scot bontrager () junkmail@maps-on.indievisible.org on mailto:junkmail@maps-on.indievisible.org
The idea of using pf as the IPSec classifier rocks as much as using it as the ALTQ classifier. It's a shame that people are resiting it because it's "from openbsd" and that people refuse to let go of a dead system simply because changing scares them.
IIRC OpenBSD doesn't use KAME for IPSec. Am I right in this? Will this integration even do anything for us?
Comments
By Anonymous Coward () on
I am curious though. Do good developers *really* get kicked out of the OpenBSD developers circle just for being associated with NetBSD, or friends with NetBSD developers? That would be pretty ridiculous if it were true. I like to think Theo is a much better project leader than that....(and it seems there must be more to the stories of people being 'kicked out' just for associations with NetBSD, since itojun is now NetBSD core after all!).
Comments
By grey () on
Your second paragraph seem even more misguided. While there is a bit of political history between OpenBSD & NetBSD (e.g. http://zeus.theos.com/deraadt/coremail.html), that tends to have been primarily between Theo & members of NetBSD's core@. For those wanting the executive summary, essentially Theo forked OpenBSD from NetBSD because once he was ousted from NetBSD's core, he was unable to even gain back commit access to incorporate changes he had made. If memory serves, the "open" portion of "OpenBSD" was initially intended to reflect the open attitude towards development that OpenBSD was to have.
At least within the camp of OpenBSD developers, I don't think I've seen much in the way of castigation because developers have been members of other development projects (NetBSD notwithstanding). Most hearsay I have heard about OpenBSD developers having commit access removed has been directly related to their actions (or more often inactions [i.e. they haven't committed in ages and so commit access is put on hold until they start hacking again]) as related to OpenBSD. Work developers provide on other projects I think would rarely be factored into their position with OpenBSD, unless it was somehow in conflict with OpenBSD goals, though I'm just an avid user, I still can't think of any real instances of what you're alleging.
I'm really not sure where you've heard these stories of OpenBSD developers being kicked out of OpenBSD due to NetBSD associations, or towards whom they reference. The closest things that come to mind would be Theo getting kicked out from NetBSD itself... or _maybe_ Niels Provos joining up with NetBSD -after- losing commit access to OpenBSD. Maybe you, or others could actually point out some instances of what you seem to be claiming, I sure can't think of anything though.
Comments
By Anonymous Coward () on
By MotleyFool () motlefool@dieselrepower.org on mailto:motlefool@dieselrepower.org
I always wondered what really happened behind this, however it seemed to be a private matter that didn't make it out onto the lists.
By grey () on
With respect to some of the stuff that der Mouse, Thor & others went on about. I (and probably most other observers I'd guess) can't really say one way or another how accurate the claims are having not been involved in their dealings. Seems to be very politically charged though, and since we don't have the other side of the story (namely Theo's, being the theocracy/openbsd 'benevolent dictator') it's hard to speculate on things other than how they're represented there. Thor's comments in particular are the most intriguing, but by the same token - they do not seem to be all that objective. There's no coremail file to scrutinize publically either. :-/
One mention much later in the thread regarding a number of people in A2 losing commit access, there has been more a little more public discussion about to substantiate, but not much.
and with that segue...
MotleyFool: wrt to Niels in particular, from my understanding the situation was kept pretty private, so some other folks could probably shed more light if it's something that they feel needs more attention. The most public piece of evidence from which to draw conclusions surrounds a security advisory put out Summer of '02 that Provos had worked on. After that it's all internal machinations and speculation, since you can see no further commits - and some time later Niels contributing a bit to NetBSD.
That KAME thread really did turn into something wholeheartedly different than how it began. I wonder how much time has been wasted by itojun & Darren (and others) that could have been spent in a productive manner instead.
Comments
By Anonymous Coward () on
Comments
By Anonymous Coward () on
By tony () figment@of.your.imagination on mailto:figment@of.your.imagination
I missed getting OpenBSD 3.2 installed and so when I upgraded I went from 3.1 to 3.3 and I was amazed at the new things "pf" supports. I admit I didn't at first know why "ipf" was removed from OpenBSD so I had to do some Google searches to see what the deal was. After reading what happened and the licensing change that Darren made it was the right thing to remove the code. The license change appears to violate on of the core goals of the OpenBSD which is to ensure all of the code in OpenBSD is free.
Comments
By Anonymous Coward () on
Comments
By Wraith () on
By Anonymous Coward () on
By Anonymous Coward () on