hi all, 1st, a caveat ... i'm new to the kernel. that said, after reading up on some of the firewall ports (e.g. pf, ipfw2) in the *BSDs, i'm wondering about the choice of building/porting "pf" to Darwin as in-kernel code, requiring of course, a kernel recompile, vs. as a KEXT. from what i've read at <http://www.opensource.apple.com/projects/documentation/howto/html/kext_tutorials/about_kext.html>, KEXTs, as i understand them to be (?) the Darwin analogues of "dynamically loadable kernel modules" for other *NIXs, seem like a logical route for a fw implementation .... QUESTION: if, e.g., porting the *BSD pf firewall is the goal, what are the pro/con arguments for in-kernel vs/ KEXT? AND, should this issue be more appropriately discussed in "darwin-kernel" or "darwin-development"? looking forward to hearing your thoughts ... richard _______________________________________________ darwin-kernel mailing list | darwin-kernel@lists.apple.com Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/darwin-kernel Do not post admin requests to the list. They will be ignored.