On Wed, May 22, 2002 at 10:58:22PM +1000, Anthony Towns wrote: > Then don't bother doing it. If the quick hack's no better than no > firewall, it obviously isn't going to satisfy me. I wonder how you can know it, because you neither know what I am satisfied with, nor how the quick hack would look like.
You don't even bother to ask what the hack would look like to learn about it. Because you don't ask, but still continue to be anal about it, it seems I have to break this with you. It looks like there is a full and usable firewall implementation in our pfinet which is really the Linux 2.2.14 network stack. It is currently not compiled in, but if it is well written it should be possible to include it, and then export the interface in the Debian packaging, and port the Linux ipchains program to the Hurd. I think this is worse than no firewalling for the GNU/Hurd, because the ipchains interface sucks and pfinet is going to be rewritten from scratch anyway, so we have no interest in doing this work, or making this interface in anyway official. But I already said if this is required to make you happy, then I would rather spent a few days on glueing this in if it is possible rather than wasting the effort of many volunteers to get this released. But I am not doing this work just to make you personally happy, first I want to see if we make all other release goals and if it is still necessary by the time the freeze comes closer. Because you already said that ipchains is fine with you, I was reasonably sure that it would be good enough from your point of view, although with my GNU/Hurd developer hat on I am totally opposed to doing this. This is because this will make Debian GNU/Hurd incompatible with GNU/Hurd, and this is not what we want. There is no chance that the hack will ever make it into GNU/Hurd officially, and because I have to change the server interface for this hack, we will break compatibility back and forth when we do the real network stack. But of course, Debian doesn't need to care about such fine details of system development. So here is the full story, although you have not asked for it. Sorry to bother you with all those uncalled for details. > And not having debian/dists/stable/main/binary-hurd-i386 gives a > similarly clear message: if you want a usable, stable operating system, > look somewhere else. Well, that is a decision Debian has to make. Thanks, Marcus -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
