On 4/11/13 5:18 PM, Andre Oppermann wrote:
Excuse me for being slightly spammy but I've received feedback that we
haven't spread this information widely enough outside the inner circles
and interested people missed the announcement.
EuroBSDcon 2013: September 28-29 in Malta
=
On Apr 14, 2013, at 5:25 PM, Mark Martinec wrote:
> ... and as far as I can tell none of them is currently usable
> on an IPv6-only FreeBSD (like protecting a host with sshguard),
> none of them supports stateful NAT64, nor IPv6 prefix translation :(
pfSense 2.1 has a lot of work to make this h
On Sat, Apr 13, 2013 at 03:25:11PM +0200, Spil Oss wrote:
> Hi YongHyeon,
>
> Will post on freebsd-ipfw@ as well...
>
> Does your engineering sample function normally with rxcsum/txcsum disabled?
Yes.
>
> Kind regards,
>
> Spil.
>
>
> On Thu, Apr 11, 2013 at 3:11 AM, YongHyeon PYUN wrote:
On Sunday April 14 2013 19:30:22 wishmaster wrote:
> > Do we honestly need three packet filters?
> Yes! This is the most clever thought in this thread. Why we need 3
> firewalls? Two packet filters it's excess too. We have two packet filters:
> one with excellent syntax and functionality but with o
On 2013/04/14, at 12:11, Anton Shterenlikht wrote:
> A migration *guide*, yes. Tools to convert one syntax to another: no.
>
> ok, so what is the brief migraiton advice?
It's still being written.
> The Handbook mentions PF and IPFW.
> I gather from your mails that PF is the recommended c
I agree with this, we dont need 3 packet filters, it seems like we should
focus the people interested in working on packet filters,toward the packet
filter most actively maintained, the fact that there is 3 in base is
overkill, Just depreciate it and be done with it
a new email, asking for help
A migration *guide*, yes. Tools to convert one syntax to another: no.
ok, so what is the brief migraiton advice?
The Handbook mentions PF and IPFW.
I gather from your mails that PF is the recommended choice.
Is that so?
If I choose PF, can I just follow the
Handbook PF section, and once i
wishmaster wrote:
--- Original message ---
From: "Gary Palmer"
Date: 14 April 2013, 19:06:59
On Sun, Apr 14, 2013 at 09:48:33AM -0600, Warren Block wrote:
Is it possible to move ipfilter into a port?
That may work short term, but the ENOMAINTAINER problem will quickly creep
up again as k
Odhiambo Washington writes:
> 2. PF is being felt to be part of FreeBSD, but it too lags far behind
> OpenBSD implementation - almost like it's unmaintained. There has been
> debates about this which were never concluded. Most of you will agree with
> me on this.
FreeBSD's version of pf is active
--- Original message ---
From: "Gary Palmer"
Date: 14 April 2013, 19:06:59
> On Sun, Apr 14, 2013 at 09:48:33AM -0600, Warren Block wrote:
> > Is it possible to move ipfilter into a port?
>
> That may work short term, but the ENOMAINTAINER problem will quickly creep
> up again as kernel API
Hi,
I will see what I can do when I come back from work. PF is based on
ipfilter so having 3 is indeed a bit much.
Chris
> On Sun, Apr 14, 2013 at 09:48:33AM -0600, Warren Block wrote:
>> Is it possible to move ipfilter into a port?
>
> That may work short term, but the ENOMAINTAINER problem wil
I would also like to see this committed. I started on my own patch about
4 months ago but got sidetracked. This would be very, very valuable to
the sysadmins at my workplace.
___
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/li
On Sun, Apr 14, 2013 at 09:48:33AM -0600, Warren Block wrote:
> Is it possible to move ipfilter into a port?
That may work short term, but the ENOMAINTAINER problem will quickly creep
up again as kernel APIs change. If the author has lost interest in
maintaining the FreeBSD port of ipfilter then
On 14 April 2013 16:48, Warren Block wrote:
> On Sun, 14 Apr 2013, Chris Rees wrote:
>
>> On 14 April 2013 01:41, Rui Paulo wrote:
>>>
>>> 2013/04/13 16:01?Scott Long ??:
>>>
>>>
Maybe something else, but whatever it is, it should be done. If you and
Gleb don't want to do this, I
It's NOT possible, because someone has to handle the kernel hooks, which is
the contention.
Mark as deprecated, remove the HandBook section, but only for 10.x
On 14 April 2013 18:48, Warren Block wrote:
> On Sun, 14 Apr 2013, Chris Rees wrote:
>
> On 14 April 2013 01:41, Rui Paulo wrote:
>>
On Sun, 14 Apr 2013, Chris Rees wrote:
On 14 April 2013 01:41, Rui Paulo wrote:
2013/04/13 16:01?Scott Long ??:
Maybe something else, but whatever it is, it should be done. If you and Gleb
don't want to do this, I will.
I already started writing a guide. See here for a very incomple
On Mon, 1 Apr 2013 14:36:52 +0200 Alexander Leidinger
wrote:
>
> On Wed, 27 Mar 2013 18:07:14 -0400
> "J.R. Oldroyd" wrote:
>
> > Is there any known magic involved in getting DTrace to do its thing on
> > 9.1-release?
> >
> > I am trying to use it to debug a memory leak problem with the
> > ra
I do not stand in any good stead to comment on this, but I have used
IPFilter more extensively than PF when it comes to FreeBSD and packet
manipulations. As a user, what I can say is this:
1. The only firewall that seems 'native' to FreeBSD is ipfw and I believe
it works very well for some users w
On Apr 14, 2013, at 7:20 AM, Joe wrote:
> Rui Paulo wrote:
>> On 2013/04/12, at 22:31, Scott Long wrote:
>>> On Apr 12, 2013, at 7:43 PM, Rui Paulo wrote:
>>>
On 2013/04/11, at 13:18, Gleb Smirnoff wrote:
> Lack of maintainer in a near future would lead to bitrot due to change
Rui Paulo wrote:
On 2013/04/12, at 22:31, Scott Long wrote:
On Apr 12, 2013, at 7:43 PM, Rui Paulo wrote:
On 2013/04/11, at 13:18, Gleb Smirnoff wrote:
Lack of maintainer in a near future would lead to bitrot due to changes
in other areas of network stack, kernel APIs, etc. This already
Rui Paulo wrote:
> 2013/04/13 16:01、Scott Long のメッセージ:
>
>> Maybe something else, but whatever it is, it should be done. If you and
>> Gleb don't want to do this, I will.
>
> I already started writing a guide. See here for a very incomplete version:
>
> http://people.freebsd.org/~rpaulo/ipf-d
On 14 April 2013 01:41, Rui Paulo wrote:
> 2013/04/13 16:01、Scott Long のメッセージ:
>
>> Maybe something else, but whatever it is, it should be done. If you and
>> Gleb don't want to do this, I will.
>
> I already started writing a guide. See here for a very incomplete version:
>
> http://people.fre
22 matches
Mail list logo
