From owner-freebsd-security Wed Feb 3 22:45:08 1999 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id WAA24992 for freebsd-security-outgoing; Wed, 3 Feb 1999 22:45:08 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from host07.rwsystems.net (kasie.rwsystems.net [209.197.192.103]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id WAA24976 for ; Wed, 3 Feb 1999 22:45:04 -0800 (PST) (envelope-from jwyatt@RWSystems.net) Received: from kasie.rwsystems.net([209.197.192.103]) (1380 bytes) by host07.rwsystems.net via sendmail with P:esmtp/R:bind_hosts/T:inet_zone_bind_smtp (sender: ) id for ; Thu, 4 Feb 1999 00:20:42 -0600 (CST) (Smail-3.2.0.104 1998-Nov-20 #1 built 1998-Dec-24) Date: Thu, 4 Feb 1999 00:20:36 -0600 (CST) From: James Wyatt To: rcramer@sytex.net cc: "Jordan K. Hubbard" , freebsd-security@FreeBSD.ORG Subject: Re: tcpdump inclusion in GENERIC In-Reply-To: <199902030628.BAA01462@cscfx.sytex.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Someone wrote: > OK, time to raise this topic again. What to people think about > enabling bpfilter by default in GENERIC? On Wed, 3 Feb 1999, Richard Cramer answered: > I vote YES. Greater then 50% of rebuilding the kernel is to > include bpfilter. Wow! I'd really like to know where *that* number came from. I could have sworn it was 42.8% with another 44.3% going to turning-on divert for natd usage. 8{) I like the idea of making a kernel work without rebuild for most folks. What do other folks usually need to rebuild a kernel for? (besides server tuning stuff like MAX_USERS, etc...) FWIW: I'm for turning them both on, but 2 bpfs to save memory rather than LINT's 4. You don't really take the CPU hit until you open them, anyway... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message