Hello Daniel, I've read the presentations on http://www.deadly.org/article.php3?sid=20030909101007 and was wondering about a couple of things. First about the benchmarks. Are those with current versions? Because I've seen those graph since 3.0 and they apear very alike. I was wondering if there was some comparison between 3.0 and 3.3, for example. The other point on the benchmarks was why wasn't stateful filtering tested with the iptables code? I know that it should be called pseudostateful filtering but... Besides on the page 30 it seems to imply quite a bit more efficient than ipf with high load, and yet the graph on slide 28 might imply the opposite. I was intrigued on how was the multi default routes support on KAME. Do they have a paper on it? The other thing that might be related or not is what are the plans for VRRP-like redundancy? I thought it was going to be a 3.4 feature (but we got tagging instead, so many choices so little firewalls to play with ;-). Is it a 3.5 planned feature, a 3.6 (i.e. post hackatlon) or a "we still don't know how are we going to avoid the Cisco patent"? Congratulations on all the work done!
-- Best regards, Alejandro Belluscio
