From owner-freebsd-ipfw@freebsd.org Sun May 20 08:01:22 2018 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DE893EAB405 for ; Sun, 20 May 2018 08:01:22 +0000 (UTC) (envelope-from lantw44@gmail.com) Received: from mail-pg0-x231.google.com (mail-pg0-x231.google.com [IPv6:2607:f8b0:400e:c05::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 61C1375A0E; Sun, 20 May 2018 08:01:22 +0000 (UTC) (envelope-from lantw44@gmail.com) Received: by mail-pg0-x231.google.com with SMTP id 63-v6so2883158pgg.3; Sun, 20 May 2018 01:01:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=message-id:subject:from:to:cc:date:mime-version :content-transfer-encoding; bh=4Uyg3X4MrcRCBx5vtqABrZxWl0Nw8r1NxTPcwJFJtco=; b=WzzwPjXZoVObt5JJx3D4CoTOR19Fw7Dnqm0P9I5+qEi6fSqbviuJ8icr1gDulE7h5E 9v5fXrMySKLKrgTijYfftvLb7nXMpM8+tidJnLZlXzsUlFwKTrTjpYdUJykzfKm5rx3F TMLDSsN4MfO6IS2l820gmfu+88wFEhQiMj0iJARV/mVEthLhWEbfQZ91/u6QGL55qpkn 5eReBqtl/ySVvnH5vTUyWqFDOr/rUGm9DQ0azZIbeWf72DjkbYpqt2PyB8BQChO4REPt rvI6ofUXT0Dy/3KITrgsR3J/vmjeo27Dznm5zkz9j871pu3cgFEA04vsTJsPcmhuKDoz ODcg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:message-id:subject:from:to:cc:date:mime-version :content-transfer-encoding; bh=4Uyg3X4MrcRCBx5vtqABrZxWl0Nw8r1NxTPcwJFJtco=; b=Z0tobupKwBMIbvkU/WmcH5ARcAw0ddgqXyXipsKrXxksZRpfP32W5mfObYyMd6ktg6 C6QFV4FOXWumYT71R/Sz8H3ZUizYt4wn+aAAa5EeWVtPB5W+k3sAn0u2UTNUGji4plTz 82kbhmNn2XJzN3PHNOMFp+CKxrg7E5ohSPLiLxGnf9xGQlZ1fdrcoda0pDuLXp3pC94t oJdguCddsF0tLhrsLV3rTJfLsxv+mM3UpVQdJdJK3z147GpFzDX2yaNXgnZOg/Aj1IDs rwEjF1hDmN5DYmHkGiG3ZoaVZYl2Ct/BF04TMghlUJzEy9S+7CBiXnwvlDJWmILasPfI D6RQ== X-Gm-Message-State: ALKqPwdnD9eTjrg0UnG6CKnkdScnjKke41t2Q15ONVd4DjGiXDQKs3vL oWO47xqarpu4bNjqrWFWfUTJsiHL X-Google-Smtp-Source: AB8JxZqbMjWXDLT+jJ3zmETpL+kgtmUFp1yMPaHQZqPwQhXQ22yoWYUyIK3weoorgPnMWxTN+QSBhg== X-Received: by 2002:a62:5b02:: with SMTP id p2-v6mr15614027pfb.96.1526803281362; Sun, 20 May 2018 01:01:21 -0700 (PDT) Received: from [192.168.1.92] (123-204-232-139.adsl.dynamic.seed.net.tw. [123.204.232.139]) by smtp.gmail.com with ESMTPSA id 76-v6sm9525007pge.8.2018.05.20.01.01.20 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Sun, 20 May 2018 01:01:20 -0700 (PDT) Message-ID: <22feed0d6b659746619604cb20e2e091b79ca480.camel@gmail.com> Subject: Missing sysctl net.inet.ip.fw.dyn_keep_states on FreeBSD 11.2 From: =?Big5?Q?=C2=C5=AE=BC=DE=B3?= To: ae@freebsd.org Cc: freebsd-ipfw@freebsd.org Date: Sun, 20 May 2018 16:00:54 +0800 Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.29.2 Mime-Version: 1.0 Content-Transfer-Encoding: 7bit X-Mailman-Approved-At: Sun, 20 May 2018 11:42:08 +0000 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 May 2018 08:01:23 -0000 Hello, I upgraded my desktop system from FreeBSD 11.2-BETA1 last week, and I found the sysctl 'net.inet.ip.fw.dyn_keep_states' got removed. I upgraded it again to FreeBSD 11.2-BETA2 today, and I still could not find it. Currently I rely on both 'net.inet.ip.fw.default_to_accept=1' and 'net.inet.ip.fw.dyn_keep_states=1' to be able to reload firewall rules with 'service ipfw restart' without breaking existing TCP connections. As this sysctl variable is still mentioned in ipfw(8) man page, will it be brought back in future versions, or there will be an alternative solution for firewall rules reload? Thanks.