SecurityPortal: IPFilter: Free No More?
May 28, 2001, 14:12 (15 Talkback[s])
(Other stories by Kurt Seifried)
Re-Imagining Linux Platforms to Meet the Needs of Cloud Service Providers
IPFilter is the foundation of firewalling for the BSD family. A
recent release included a change in the license that restricts
"derivative or modified works," and a subsequent change that
redistribution is not permitted. This article maintains IPF is no
longer compliant with the Open Source Definition aising issues
similar to the issues raised by ssh being "taken proprietary."
"Assuming Darren Reed is "correct" with his new
license, it is unlikely he will back down and return to the
original license, leaving *BSD developers with a dilemma on their
- Ask for permission to use IPF, and assuming they get it stay
with IPF, however at some point in the future Darren Reed may
decide to not allow them to use IPF, leaving a gaping hole
(literally, no firewalling code) in the affected system.
- Possibly fork development of IPF, which is unfortunate because
of the increased workload it will create and the potential
divergence leading to incompatibilities (right now IPF is IPF, on
Solaris, OpenBSD, FreeBSD, etc.).
- Start from scratch, which would require even more work then
simply forking IPF, and certainly cause a lot of grief for all