ipfw deprecation

Justin C. Sherrill justin at shiningsilence.com
Mon Jun 26 06:18:11 PDT 2006

On Sun, June 25, 2006 7:12 am, Simon 'corecode' Schubert wrote:
> Hey,
> I would like to deprecate ipfw (and dummynet, because it needs ipfw)
> for the next release and remove it in 1.7.
> My main reason is not its functionality, which is not bad after all,
> but its property of lieing around everywhere in the ip stack and
> littering it.  Furthermore, we have pf and ipf available since long
> time, so the transition period should have been long enough.
> Of course, if somebody needs it, a pfil'ed version of ipfw+dummynet can
> be added instead (port from freebsd?)

Is there anything pf can't do that ipfw does?  If there's nothing lost,
then there's no reason to keep it - we just need to be sure that there's a
migration path.  For instance, I'm using ipfw for NAT, and I need to

More information about the Kernel mailing list