Date: Tue, 3 Apr 2012 22:12:45 +0400 From: Gleb Smirnoff <glebius@FreeBSD.org> To: src-committers@FreeBSD.org, svn-src-all@FreeBSD.org, svn-src-head@FreeBSD.org Subject: Re: svn commit: r233846 - head/sys/contrib/pf/net Message-ID: <20120403181245.GF13561@FreeBSD.org> In-Reply-To: <201204031809.q33I9LLn062165@svn.freebsd.org> References: <201204031809.q33I9LLn062165@svn.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Apr 03, 2012 at 06:09:21PM +0000, Gleb Smirnoff wrote: T> Author: glebius T> Date: Tue Apr 3 18:09:20 2012 T> New Revision: 233846 T> URL: http://svn.freebsd.org/changeset/base/233846 T> T> Log: T> Since pf 4.5 import pf(4) has a mechanism to defer T> forwarding a packet, that creates state, until T> pfsync(4) peer acks state addition (or 10 msec T> timeout passes). T> T> This is needed for active-active CARP configurations, T> which are poorly supported in FreeBSD and arguably T> a good idea at all. T> T> Unfortunately by the time of import this feature in T> OpenBSD was turned on, and did not have a switch to T> turn it off. This leaked to FreeBSD. T> T> This change make it possible to turn this feature T> off via ioctl() and turns it off by default. Fortunately, we got an unused field in struct pfsyncreq, so this commit doesn't break ioctl() ABI, and this is mergeable. -- Totus tuus, Glebius.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120403181245.GF13561>