* [Cerowrt-devel] nftables
@ 2013-10-21 18:37 Dave Taht
0 siblings, 0 replies; only message in thread
From: Dave Taht @ 2013-10-21 18:37 UTC (permalink / raw)
To: cerowrt-devel
I am happy to see a replacement for iptables begin to emerge. There's
lots of cool things about it, and it's my hope the vm is actually fast
enough to use in complex ways. It's generally the "expressibility" of
iptables that makes me bats; it's very difficult to automatically make
efficient rules - a human can generally do much, much better.
But that said: I don't plan to fiddle with it in this release cycle,
nor, probably, the next. It's cool that it's landing in 3.13, but I
would anticipate it taking several releases to shake out enough to
even try out on a non-x86 platform.
At the moment I plan to be on 3.10.X for a long time.
And I'd like to get the "I" out of the paragraphs above and more into a "we".
--
Dave Täht
Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2013-10-21 18:37 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-10-21 18:37 [Cerowrt-devel] nftables Dave Taht
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox