[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: UVM, UBC, and PF criticisms in comp.unix.solaris

To: "Generic Player" <suck@my-balls.com>
Subject: Re: UVM, UBC, and PF criticisms in comp.unix.solaris
From: Kjell Wooding <kjell@tash.pintday.org>
Date: Sat, 05 Jan 2002 19:19:28 -0700
Cc: misc@openbsd.org

> > well, I'm a bit confused. _If_ iptables is "the best free firewall out
> > there", why didn't the OpenBSD project just clip and incorporate that
> > instead of taking the trouble of rewriting one from scratch?
> 
> I would assume the fact that its license is no good, and the fact that
> its directly tied to the linux kernel, its not like ipf where it was
> written to work on more than one OS, I am not a developer, so I really
> couldn't say for sure.

I looked at it at the time. There were four reasons:

1) Total incompatability with ipf-style rulesets
2) License, sure. Interestingly, some of the files I looked at
were derived from ipfw (at least, the header files), yet they
were GPL'ed.
3) It was basically brand new also, so there was no clear stability
or correctness benefit.
4) There is very little in common between the BSD and Linux IP stacks.
This makes porting a packet filter from one to the other pretty much
insane. (I'm sure darren would agree here)

-kj

References:
- Re: UVM, UBC, and PF criticisms in comp.unix.solaris
  - From: "Generic Player" <suck@my-balls.com>

Prev by Date: Re: Install 2.9 upgd fm cd, and patch
Next by Date: Re: Install 2.9 upgd fm cd, and patch
Prev by thread: Re: UVM, UBC, and PF criticisms in comp.unix.solaris
Next by thread: ipnat and http traffic
Index(es):
- Date
- Thread