tech-kern archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Including pf/altq in GENERIC?
Hello. What we do is use pf as a lodable kernel module and then
include altq in the kernel itself as an option. This works fine,
provides all of the functionality you need for both, and is quite stable.
-Brian
On Aug 13, 4:51pm, Thor Lancelot Simon wrote:
} Subject: Re: Including pf/altq in GENERIC?
} On Wed, Aug 13, 2008 at 10:16:58PM +0200, Adam Hoka wrote:
} > Hi!
} >
} > Today I just asked someone on #NetBSD who runs over 30 installation
} > of NetBSD if he have some idea where we could improve for 5.0. He
} > asked if we could include pf and altq in the generic kernel. Many
} > agreed with that. I also think we should have this functionality
} > out-of-the-box in the kernel.
} >
} > I know we have a pf lkm but some say its broken and it excludes
} > altq.
}
} Because the ALTQ maintainers never adjusted ALTQ to use a
} non-pf-specific interface for classifying packets (though they said
} they would do so), we can't use a modern ALTQ with our default
} kernels, which include ipfilter, not pf.
}
} Because we can't include ipfilter and pf in the same kernel, we cannot
} ship default kernels with pf, because users upgrading from older
} releases will reboot their systems and suddenly find that they have no
} packet filtering, which is unacceptable.
}
} We've been here before...
}
} Thor
>-- End of excerpt from Thor Lancelot Simon
Home |
Main Index |
Thread Index |
Old Index