Re: Formal submission of Xtables2
[Posted January 9, 2013 by jake]
| From: |
| Jan Engelhardt <jengelh-AT-inai.de> |
| To: |
| Pablo Neira Ayuso <pablo-AT-netfilter.org> |
| Subject: |
| Re: Formal submission of Xtables2 |
| Date: |
| Thu, 13 Dec 2012 15:53:45 +0100 (CET) |
| Message-ID: |
| <alpine.LNX.2.01.1212131528410.1273@nerf07.vanv.qr> |
| Cc: |
| Netfilter Developer Mailing List
<netfilter-devel-AT-vger.kernel.org>,
Netfilter user mailing list <netfilter-AT-vger.kernel.org> |
| Archive‑link: | |
Article |
On Thursday 2012-12-13 15:28, Pablo Neira Ayuso wrote:
>> >>
>> >> http://www.spinics.net/lists/netfilter-devel/msg23919.html
>> >
>> >I don't think that feature-set provides compelling reasons to push
>> >this mainstream.
>>
>> Well, if not that, then what - documentation, code size?
>
>Not only that. Xtables2 (in its feature-set) inherits many of the
>design decisions that were taken while designing iptables back in the
>late nineties.
nf_tables itself retains some "late nineties" design decisions as
well.
In my opinion, there is nothing wrong with keeping some concepts. A
developer is not required to reevaluate and reinnovate every concept
there has been just for the heck of it. (The old "evolution, not
revolution" credo.) Throwing everything overboard generally does not
turn out to work these days.
That reminds me of Linus's statement from this year's LinuxCon:
'''there were all these crazy people doing “innovative” operating
systems, and they were all horrible. And they were trying to
do things in new ways, and it turns out, sometimes, the old
ways are the correct ways, and, you have done something for
30 years one way, because that works.'''
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
