IP Filter

[Stephen Clark]

Hello List,

Can someone tell me why ipf_nattable_max is not a sysctl variable. The 
only way to change this currently
is via a edit the source and rebuild.

It looks like it would be as simple as adding:
SYSCTL_IPF(_net_inet_ipf, OID_AUTO, pf_nattable_max, CTLFLAG_RWO,
           &ipf_nattable_max, 0, "");
to mlfk_ipl.c

Regards,
Steve

-- 

"They that give up essential liberty to obtain temporary safety, 
deserve neither liberty nor safety."  (Ben Franklin)

"The course of history shows that as a government grows, liberty 
decreases."  (Thomas Jefferson)