svn commit: r242079 - in head: sbin/ipfw share/man/man4 sys/conf sys/net sys/netinet sys/netinet6 sys/netpfil/ipfw
Andre Oppermann
andre at freebsd.org
Thu Oct 25 15:55:02 UTC 2012
On 25.10.2012 11:39, Andrey V. Elsukov wrote:
> Author: ae
> Date: Thu Oct 25 09:39:14 2012
> New Revision: 242079
> URL: http://svn.freebsd.org/changeset/base/242079
>
> Log:
> Remove the IPFIREWALL_FORWARD kernel option and make possible to turn
> on the related functionality in the runtime via the sysctl variable
> net.pfil.forward. It is turned off by default.
>
> Sponsored by: Yandex LLC
> Discussed with: net@
> MFC after: 2 weeks
I still don't agree with naming the sysctl net.pfil.forward. This
type of forwarding is a property of IPv4 and IPv6 and thus should
be put there. Pfil hooking can be on layer 2, 2-bridging, 3 and
who knows where else in the future. Forwarding works only for IPv46.
You haven't even replied to my comment on net at . Please change the
sysctl location and name to its appropriate place.
Also an MFC's after 2 weeks must ensure that compiling with IPFIREWALL_
FORWARD enabled the sysctl at the same time to keep kernel configs
within 9-stable working.
--
Andre
More information about the svn-src-all
mailing list