On Thu, May 02, 2013 at 10:35:19AM +0200, Franco Fichtner wrote:
> as stated before, breaking down complexity to the bare minimum is my
> requirement for this to be happening at all.  You all get to be the
> judges.  I'm just trying to work on something worth doing.
> > The last thing we want it a rotting pile of protocol parsing code like
> > wireshark.
> Case closed then?  I don't know how to argue with that.

IMHO, don't ask and don't argue. If you need DPI in pf (or
whatever), write it *for you*, then use it for *your needs*. If one
day you feel it could be useful to others, share the code and
someone may like it.

Speaking of complexity, OpenBSD already has plenty of complicated
kernel code that could run in user-mode but it's in the kernel
because it was easier that way, or the author thought it's faster
that way or ports expect it to be that way.

-- Alexandre

Reply via email to