[PLUG] Minimal firewall hardware
Mark Martin
mmartin at u.washington.edu
Fri Apr 25 17:02:02 UTC 2003
On Friday 25 April 2003 11:24, Paul Heinlein wrote:
> My understanding is that 3.3 is substantially different from 2.5,
> though other PLUG folks with better BSD chops might be able to provide
> a fuller discussion of the issue.
Theo de Raadt had a "falling out" with the author of IPFilter, which was
completely independent of OpenBSD, regarding making modifications to the
source code. As I recall, the OpenBSD folks insisted on modifying the code
in the course of their characteristic security audits and other development
activities whereas the author of IPFilter wanted complete control over any
modifications. A flame war ensued, the end result of which was the removal
of IPFilter from OpenBSD and the creation of a completely new firewalling
package written for OpenBSD by the OpenBSD developers. I believe that this
occurred during the transition between 2.8 and 2.9 in the middle of 2001.
So, you might expect substantial differences between the firewalling code in
2.5 and 3.3, although I believe that the OpenBSD folks at least initially
maintained compatibility with IPFilter to ease the transition for their
users.
I built firewalls using OpenBSD 2.8 and 2.9 but haven't done so more recently.
So I can't tell you how large the differences are without trolling through
some documentation.
Food for enquiring minds. ;-) Enjoy,
Mark
--
---------------------------------------------------------------------
Mark A. Martin, Ph.D.
Applied Mathematics -- Software Development -- Systems Administration
Currently available for employment.
See http://www.amath.washington.edu/~mmartin/resume/ for details.
---------------------------------------------------------------------
More information about the PLUG
mailing list