svn commit: r347410 - in head: . sys/amd64/conf sys/arm/conf sys/arm64/conf sys/i386/conf sys/powerpc/conf sys/riscv/conf sys/sparc64/conf
Kristof Provost
kp at FreeBSD.org
Fri May 10 15:50:11 UTC 2019
On 10 May 2019, at 8:31, Andrew Gallatin wrote:
> On 2019-05-10 08:44, Slawa Olhovchenkov wrote:
>
>> pf have ifdef for IPSEC, but don't have support IPSEC_SUPPORT
>> (netpfil/pf/if_pfsync.c).
>>
>
> Thanks for pointing this out. It seems like IPSEC_SUPPORT would work
> for this. I've made a patch, and it compiles and the pf module loads.
> However, I have no knowledge of how to test it. Is this something
> that you use, and which you can test?
>
I suspect this code has not actually been enabled for a long time.
gettdb() doesn’t actually appear to be defined anywhere, so I
wouldn’t expect it to ever compile.
gettdb() does exist in OpenBSD, so my current guess is that this is just
an import artefact, and we should `#ifdef OPENBSD` it or something, or
just remove it completely.
For completeness, and because I never shut up about this: to test pf
`kldload pfsync`, `cd /usr/tests/sys/netpfil/pf` and `sudo kyua test`
There’s more information in the current edition of the FreeBSD
journal.
Regards,
Kristof
More information about the svn-src-head
mailing list