On Thursday 2012-12-13 15:28, Pablo Neira Ayuso wrote:
>> >> >> >> http://www.spinics.net/lists/netfilter-devel/msg23919.html
>> >
>> >I don't think that feature-set provides compelling reasons to push
>> >this mainstream.
>>
>> Well, if not that, then what - documentation, code size?
>
>Not only that. Xtables2 (in its feature-set) inherits many of the
>design decisions that were taken while designing iptables back in the
>late nineties.

nf_tables itself retains some "late nineties" design decisions as well.

In my opinion, there is nothing wrong with keeping some concepts. A developer is not required to reevaluate and reinnovate every concept there has been just for the heck of it. (The old "evolution, not revolution" credo.) Throwing everything overboard generally does not turn out to work these days.

That reminds me of Linus's statement from this year's LinuxCon:

'''there were all these crazy people doing “innovative” operating systems, and they were all horrible. And they were trying to do things in new ways, and it turns out, sometimes, the old ways are the correct ways, and, you have done something for 30 years one way, because that works.'''