On Fri, 2004-08-20 at 15:03, Mitch (WebCob) wrote:
> > At the moment some nice addons are in development (openvpn, snort eg.)
> > but there is no easy/secure way to install them in the base image of
> > m0n0wall - the mentioned patch-scripts are a hack and for FreeBSD 4.x as
> > vnconfig is obsolete :).
> >
> 
> Not sure what you mean - FreeBSD 4.x is not obsolete until 5.x generates a
> stable branch. 5.x is still cloaked in "early adopter" warnings and such -
> hardly suitable - or recommended - even by the developers - as a security
> device platform for unsuspecting end users.

Sorry if I'm taking this thread onto a tangent, but...

Even after we call the RELENG_5 branch "5-STABLE", 4-STABLE will live on
for awhile still.  We have another 4.X release (4.11) planned at some
time in the indefinite future after 5.3-RELEASE (which is scheduled for
an October 2004 release).  So I'd say that 4.X has a fair bit of life
left in it yet, even though it might not get some of the code from 6.X
and 5.X (such as the Atheros drivers).

When you refer to the "early adopter" warnings...I'm assuming you mean
the Early Adopter's Guide.  This document was purposely rather
conservative, which was appropriate for when it was written (just before
5.0-RELEASE).  I should have kept it up to date for 5.1-RELEASE and
5.2-RELEASE, but didn't.  5.X has made incredible strides in stability
and performance since 5.0, but (as many of you are aware) a 5.X-based
m0n0wall would need to be accompanied by a *lot* of testing.

Cheers,

Bruce.
(ex-FreeBSD release engineering team member)