From owner-cvs-all@FreeBSD.ORG  Fri Aug 20 10:39:17 2004
Return-Path: <owner-cvs-all@FreeBSD.ORG>
Delivered-To: cvs-all@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id A607716A4D0
	for <cvs-all@FreeBSD.ORG>; Fri, 20 Aug 2004 10:39:17 +0000 (GMT)
Received: from c00l3r.networx.ch (c00l3r.networx.ch [62.48.2.2])
	by mx1.FreeBSD.org (Postfix) with ESMTP id CA1D343D62
	for <cvs-all@FreeBSD.ORG>; Fri, 20 Aug 2004 10:39:16 +0000 (GMT)
	(envelope-from andre@freebsd.org)
Received: (qmail 5208 invoked from network); 20 Aug 2004 10:39:12 -0000
Received: from unknown (HELO freebsd.org) ([62.48.0.53])
          (envelope-sender <andre@freebsd.org>)
          by c00l3r.networx.ch (qmail-ldap-1.03) with SMTP
          for <sobomax@portaone.com>; 20 Aug 2004 10:39:12 -0000
Message-ID: <4125D4D3.A4C01DDD@freebsd.org>
Date: Fri, 20 Aug 2004 12:39:15 +0200
From: Andre Oppermann <andre@freebsd.org>
X-Mailer: Mozilla 4.8 [en] (Windows NT 5.0; U)
X-Accept-Language: en
MIME-Version: 1.0
To: Maxim Sobolev <sobomax@portaone.com>
References: <200408191838.i7JIcNI9044040@repoman.freebsd.org>
	<41258B26.4060507@portaone.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
cc: cvs-src@FreeBSD.ORG
cc: src-committers@FreeBSD.ORG
cc: cvs-all@FreeBSD.ORG
Subject: Re: cvs commit: src/sys/netinet ip_fw_pfil.c
X-BeenThere: cvs-all@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: CVS commit messages for the entire tree <cvs-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-all>
List-Post: <mailto:cvs-all@freebsd.org>
List-Help: <mailto:cvs-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Aug 2004 10:39:17 -0000

Maxim Sobolev wrote:
> 
> Andre Oppermann wrote:
> > andre       2004-08-19 18:38:23 UTC
> >
> >   FreeBSD src repository
> >
> >   Modified files:
> >     sys/netinet          ip_fw_pfil.c
> >   Log:
> >   Give a useful error message if someone tries to compile IPFIREWALL into the
> >   kernel without specifying PFIL_HOOKS as well.
> 
> Can we just have PFIL_HOOKS enabled automagically when somebody tries to
> compile any sort of supported firewall (e.g. ipfw, pf or ipfilter) into
> kernel?

I have a patch ready to reduce the cost of unhooked pfil_hooks.  Then we
can simply remove the PFIL_HOOKS option and have it in permanently.

-- 
Andre