From owner-freebsd-ipfw  Fri Jun 21 10:49: 3 2002
Delivered-To: freebsd-ipfw@freebsd.org
Received: from iguana.icir.org (iguana.icir.org [192.150.187.36])
	by hub.freebsd.org (Postfix) with ESMTP id 6E1B037B408
	for <ipfw@FreeBSD.ORG>; Fri, 21 Jun 2002 10:49:00 -0700 (PDT)
Received: (from rizzo@localhost)
	by iguana.icir.org (8.11.6/8.11.3) id g5LHn0r83092;
	Fri, 21 Jun 2002 10:49:00 -0700 (PDT)
	(envelope-from rizzo)
Date: Fri, 21 Jun 2002 10:49:00 -0700
From: Luigi Rizzo <rizzo@icir.org>
To: ipfw@FreeBSD.ORG
Subject: do we need IPFIREWALL_FORWARD to be optional ?
Message-ID: <20020621104900.C81994@iguana.icir.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5.1i
Sender: owner-freebsd-ipfw@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-ipfw.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-ipfw>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-ipfw>
X-Loop: FreeBSD.ORG

I am fixing that part of the netinet/ stack, and i wonder why
do we need to make this optional.

Once the global variables holding its state are removed, all the
code reduces to a small set of short blocks (which are never entered
if you do not have fwd rules) scattered in ip_input.c ip_output.c
ip_fw.c and tcp_input.c, and I strongly believe that the pain and
obfuscation of having it conditionally compiled is a lot worse than
the modest code size increase.

Unless there are strong objections, I am going to make it
standard.

	cheers
	luigi

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message