On Wed, Feb 16, 2011 at 02:27:08PM +0000, Kevin Chadwick wrote:
| On Wed, 16 Feb 2011 14:47:39 +0100
| Henning Brauer wrote:
|
| > indeed.
|
| hmmm, it's bugging me where I read that there was a window. I have a
| memory that it was quite an authoritative source but I guess not.

Somehow pf has done a lot of things right from day 1 ;) I've had long
debates with people claiming it was impossible to atomically change
rulesets. They didn't believe pf could do it, claimed it would have to
cheat by temporarily blocking all while changing the ruleset. They
realized the silliness of the argument after I pointed out "ah, you mean
as in the pf rule `block quick all` ?". Some people are SO stuck on the
linux way of things...

Maybe you mixed up quotes about pf and netfilter ? I believe it's still
not possible to atomically change rulesets in Linux (although I could be
wrong with the latest firewall-du-jour they have).

| Anyway, cool to know now.

And to have, for almost 10 years now .. mark June 24th in your calendars
people ;)

[weerd@despair] $ grep Insane /usr/share/calendar/calendar.openbsd
Jun 24 PF added. Insane amounts of work done by dhartmei@, 2001

Cheers,

Paul 'WEiRD' de Weerd

--
>++++++++[<++++++++++>-]<+++++++.>+++[<------>-]<.>+++[<+
+++++++++++>-]<.>++[<------------>-]<+.--------------.[-]
http://www.weirdnet.nl/