setjmp/lonjmp
Joerg Sonnenberger
joerg at britannica.bec.de
Mon Feb 14 00:00:22 PST 2005
On Sat, Feb 12, 2005 at 07:43:05PM +0100, Michel Talon wrote:
> Third it gives the impression of un unmaintained and crappy codebase, and
> this is bad. Let us look at the 3 firewall packages in FreeBSD-5.3. Only
> one of them has been fine grained locked, i.e. pf. At the same time pf
> is coupled with altq which is notoriously the best traffic shaping utility
> available in FreeBSD.
(a) There is ALTQ support for IPFW2 in FreeBSD.
(b) Once IPFW(2) is untangled from main network code and cleanly isolated
and module loadable, I have to strong reason to remove it.
(c) Noone in DF land actively maintains ipf.
(d) PF has to synced with OpenBSD 3.6.
(e) The interaction of firewalls and a multi-threaded CPU-bound network
stack has not been evaluated yet. This is much more involved and
difficult work than "fine grained locking", which can be done somewhat
mechanical.
Just to throw some actual facts into this discussion. Until someone
wants to contribute code for (a) - (e), I'd like to let this thread die.
Joerg
More information about the Kernel
mailing list