From owner-freebsd-net@FreeBSD.ORG Mon Apr 27 10:01:10 2015 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8F294372 for ; Mon, 27 Apr 2015 10:01:10 +0000 (UTC) Received: from smtp2.mail.clearhost.co.uk (smtp2.mail.clearhost.co.uk [IPv6:2001:1420::25:102]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "*.mail.clearhost.co.uk", Issuer "RapidSSL CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 50F311CBA for ; Mon, 27 Apr 2015 10:01:10 +0000 (UTC) Received: from [2001:1420:a:105:c62c:3ff:fe2f:bf] (port=52085 helo=parsnip.heronsbrook.org.uk) by smtp2.mail.clearhost.co.uk with esmtpa (Exim 4.76 (FreeBSD)) (envelope-from ) id 1Ymfqb-000EBb-SD for freebsd-net@freebsd.org; Mon, 27 Apr 2015 10:01:05 +0000 Message-ID: <553E0980.6090005@prt.org> Date: Mon, 27 Apr 2015 11:03:44 +0100 From: Paul Thornton User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:31.0) Gecko/20100101 Thunderbird/31.4.0 MIME-Version: 1.0 To: freebsd-net@freebsd.org Subject: Re: net.inet.ip.forwarding is mysteriously set to 0 References: <553A7350.40607@gmx.com> <1429894130.217124945.cx0dr7rv@frv34.fwdcdn.com> <553DCBF9.1010705@freebsd.org> In-Reply-To: <553DCBF9.1010705@freebsd.org> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Apr 2015 10:01:10 -0000 Hi On 27/04/2015 06:41, Julian Elischer wrote: > Basically all the setup scripts in /etc/rc.d (andaother setup scripts in > /etc and /usr/local/etc) > all source /etc/rc.conf and it's friends (defaults etc.) > if any of thse scripts gets called (for example by devd when it notices > a new interface), > then the entire chain of dependencies related to that chain will be run > **according to how the config files tell it to run* * > and not how the current sysctls are set. > if you think about it, this must be the case as htey need to change the > sysctls as part of > their operation. > > maybe we should have a script to do what you want and also uses sysrc(8) > to make it permanent. I don't think this is a major problem to be honest. The issue I had back in January is that the behaviour changed with an upgrade to 10.1 from 8.something as the interaction with devd wasn't well known. I don't know how this can be dealt with unless we have a load of special-cases that log warnings when, for example, forwarding is enabled in sysctl.conf but there isn't a gateway_enable in rc.conf. That sounds like a messy solution to be honest. Paul.