Date: Thu, 25 Oct 2012 22:29:51 +0200 From: Andre Oppermann <andre@freebsd.org> To: "Andrey V. Elsukov" <ae@FreeBSD.org> Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org Subject: Re: svn commit: r242079 - in head: sbin/ipfw share/man/man4 sys/conf sys/net sys/netinet sys/netinet6 sys/netpfil/ipfw Message-ID: <5089A13F.8080405@freebsd.org> In-Reply-To: <508967E3.3070508@FreeBSD.org> References: <201210250939.q9P9dF0q022970@svn.freebsd.org> <508960C2.6030003@freebsd.org> <508967E3.3070508@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 25.10.2012 18:25, Andrey V. Elsukov wrote: > On 25.10.2012 19:54, Andre Oppermann wrote: >> I still don't agree with naming the sysctl net.pfil.forward. This >> type of forwarding is a property of IPv4 and IPv6 and thus should >> be put there. Pfil hooking can be on layer 2, 2-bridging, 3 and >> who knows where else in the future. Forwarding works only for IPv46. >> >> You haven't even replied to my comment on net@. Please change the >> sysctl location and name to its appropriate place. > > Hi Andre, > > There were two replies related to this subject, you did not replied to > them and i thought that you became agree. I replied to your reply to mine. Other than that I didn't find anything else from you. > So, if not, what you think about the name net.pfil.ipforward? net.inet.ip.pfil_forward net.inet6.ip6.pfil_forward or something like that. If you can show with your performance profiling that the sysctl isn't even necessary, you could leave it completely away and have pfil_forward enabled permanently. That would be even better for everybody. >> Also an MFC's after 2 weeks must ensure that compiling with IPFIREWALL_ >> FORWARD enabled the sysctl at the same time to keep kernel configs >> within 9-stable working. > > Yes, it will work like that. Excellent. Thank you. -- Andre
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5089A13F.8080405>