From owner-freebsd-current Thu Jun 13 10:31:58 1996 Return-Path: owner-current Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id KAA06772 for current-outgoing; Thu, 13 Jun 1996 10:31:58 -0700 (PDT) Received: from shogun.tdktca.com ([206.26.1.21]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id KAA06763; Thu, 13 Jun 1996 10:31:53 -0700 (PDT) Received: from shogun.tdktca.com (daemon@localhost) by shogun.tdktca.com (8.7.2/8.7.2) with ESMTP id MAA01752; Thu, 13 Jun 1996 12:33:21 -0500 (CDT) Received: from orion.fa.tdktca.com ([163.49.131.130]) by shogun.tdktca.com (8.7.2/8.7.2) with SMTP id MAA01746; Thu, 13 Jun 1996 12:33:21 -0500 (CDT) Received: from orion (alex@localhost [127.0.0.1]) by orion.fa.tdktca.com (8.6.12/8.6.9) with SMTP id MAA01520; Thu, 13 Jun 1996 12:34:19 -0500 Message-ID: <31C0511A.279A7B71@fa.tdktca.com> Date: Thu, 13 Jun 1996 12:34:18 -0500 From: Alex Nash Organization: TDK Factory Automation X-Mailer: Mozilla 2.0 (X11; I; Linux 1.2.13 i586) MIME-Version: 1.0 To: Gary Palmer CC: Ollivier Robert , "FreeBSD Current Users' list" Subject: Re: #include opt_ipfw.h problem for lkm References: <21410.834673943@palmer.demon.co.uk> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-current@FreeBSD.org X-Loop: FreeBSD.org Precedence: bulk Gary Palmer wrote: > On this subject, does anyone object to my REMOVAL of the option to > have IPFW as an LKM? Having it as an LKM is (IMHO) stupid ... all a > person breaking in needs to do to throw security WIDE open is > modunload the module, and then the machine will fall back to being a > simple router. Not my idea of a secure option. > > Will anyone seriously miss it if I remove the lkm? I know at least one person who will... The following exchange resulted from PR 1192: From: Garrett Wollman To: nash@mcs.com Cc: FreeBSD-gnats-submit@freebsd.org, phk@freebsd.org Subject: kern/1192: Kernel IPFW Date: Sun, 12 May 1996 16:23:32 -0400 < said: > Moved the majority of code out of the ipfw_load (module load) > routine and instead issue a call to ipfw_init which does the same > thing (sans the splnet() issued at the beginning of ipfw_load). Actually, I would very much like to get rid of the dynamically-loadable IPFW module entirely. If you are running any sort of a reasonable router configuration (i.e., with multiple cards from the same vendor), you will have to reconfigure the kernel anyway, and I think there are probably good security reasons for wanting in that way. (What if the LKM fails to load because you are out of disk space in /tmp? Oops.) Perhaps more significantly, it puts extra hair in the IP input and output paths that doesn't need to be there in the common case (workstation or non-firewalling router), so I'd like to see it removed. (And yes, I do remember that I'm the one who suggested making it into an LKM in the first place!) -GAWollman -- Garrett A. Wollman | Shashish is simple, it's discreet, it's brief. ... wollman@lcs.mit.edu | Shashish is the bonding of hearts in spite of distance. Opinions not those of| It is a bond more powerful than absence. We like people MIT, LCS, ANA, or NSA| who like Shashish. - Claude McKenzie + Florent Vollant From: Poul-Henning Kamp To: Garrett Wollman Cc: nash@mcs.com, FreeBSD-gnats-submit@freebsd.org Subject: Re: kern/1192: Kernel IPFW Date: Sun, 12 May 1996 20:57:43 +0000 > Actually, I would very much like to get rid of the > dynamically-loadable IPFW module entirely. I think that this makes sense from a security point of view, but people use it for a lot of things besides security. The hooks are very general and can be used for a bunch of other things as well, so I think this is all in all, not a good idea. -- Poul-Henning Kamp | phk@FreeBSD.ORG FreeBSD Core-team. http://www.freebsd.org/~phk | phk@login.dknet.dk Private mailbox. whois: [PHK] | phk@ref.tfs.com TRW Financial Systems, Inc. Future will arrive by its own means, progress not so. Alex