Missing sysctl net.inet.ip.fw.dyn_keep_states on FreeBSD 11.2
藍挺瑋
lantw44 at gmail.com
Sun May 20 08:01:23 UTC 2018
Hello,
I upgraded my desktop system from FreeBSD 11.2-BETA1 last week, and I found the
sysctl 'net.inet.ip.fw.dyn_keep_states' got removed. I upgraded it again to
FreeBSD 11.2-BETA2 today, and I still could not find it. Currently I rely on
both 'net.inet.ip.fw.default_to_accept=1' and 'net.inet.ip.fw.dyn_keep_states=1'
to be able to reload firewall rules with 'service ipfw restart' without breaking
existing TCP connections. As this sysctl variable is still mentioned in ipfw(8)
man page, will it be brought back in future versions, or there will be an
alternative solution for firewall rules reload?
Thanks.
More information about the freebsd-ipfw
mailing list