git: bb56c0ecf93e - stable/14 - extend description of net.inet.ip.fw.one_pass
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 05 Aug 2025 05:53:51 UTC
The branch stable/14 has been updated by marck:
URL: https://cgit.FreeBSD.org/src/commit/?id=bb56c0ecf93e4643da6920822538707eaa108f19
commit bb56c0ecf93e4643da6920822538707eaa108f19
Author: Dmitry Morozovsky <marck@FreeBSD.org>
AuthorDate: 2025-07-22 12:32:34 +0000
Commit: Dmitry Morozovsky <marck@FreeBSD.org>
CommitDate: 2025-08-05 05:52:16 +0000
extend description of net.inet.ip.fw.one_pass
Description of net.inet.ip.fw.one_pass tunable refers only to dummynet(4),
while in reality is applicable on any divert-like packet action like
in-kernel nat, netgraph, reass, or similar.
Reviewed by: ae
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D51436
---
sys/netpfil/ipfw/ip_fw2.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sys/netpfil/ipfw/ip_fw2.c b/sys/netpfil/ipfw/ip_fw2.c
index e43d1a8fbbff..0e0ecd3c6b20 100644
--- a/sys/netpfil/ipfw/ip_fw2.c
+++ b/sys/netpfil/ipfw/ip_fw2.c
@@ -197,7 +197,7 @@ SYSCTL_NODE(_net_inet_ip, OID_AUTO, fw, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
"Firewall");
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, one_pass,
CTLFLAG_VNET | CTLFLAG_RW | CTLFLAG_SECURE3, &VNET_NAME(fw_one_pass), 0,
- "Only do a single pass through ipfw when using dummynet(4)");
+ "Only do a single pass through ipfw when using dummynet(4), ipfw_nat or other divert(4)-like interfaces");
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, autoinc_step,
CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(autoinc_step), 0,
"Rule number auto-increment step");