Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 25 Oct 2012 17:54:42 +0200
From:      Andre Oppermann <andre@freebsd.org>
To:        "Andrey V. Elsukov" <ae@FreeBSD.org>
Cc:        svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org
Subject:   Re: svn commit: r242079 - in head: sbin/ipfw share/man/man4 sys/conf sys/net sys/netinet sys/netinet6 sys/netpfil/ipfw
Message-ID:  <508960C2.6030003@freebsd.org>
In-Reply-To: <201210250939.q9P9dF0q022970@svn.freebsd.org>
References:  <201210250939.q9P9dF0q022970@svn.freebsd.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On 25.10.2012 11:39, Andrey V. Elsukov wrote:
> Author: ae
> Date: Thu Oct 25 09:39:14 2012
> New Revision: 242079
> URL: http://svn.freebsd.org/changeset/base/242079
>
> Log:
>    Remove the IPFIREWALL_FORWARD kernel option and make possible to turn
>    on the related functionality in the runtime via the sysctl variable
>    net.pfil.forward. It is turned off by default.
>
>    Sponsored by:	Yandex LLC
>    Discussed with:	net@
>    MFC after:	2 weeks

I still don't agree with naming the sysctl net.pfil.forward.  This
type of forwarding is a property of IPv4 and IPv6 and thus should
be put there.  Pfil hooking can be on layer 2, 2-bridging, 3 and
who knows where else in the future.  Forwarding works only for IPv46.

You haven't even replied to my comment on net@.  Please change the
sysctl location and name to its appropriate place.

Also an MFC's after 2 weeks must ensure that compiling with IPFIREWALL_
FORWARD enabled the sysctl at the same time to keep kernel configs
within 9-stable working.

-- 
Andre




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?508960C2.6030003>