From owner-freebsd-current@FreeBSD.ORG Tue Sep 23 21:42:53 2003 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BDDD016A4BF for ; Tue, 23 Sep 2003 21:42:53 -0700 (PDT) Received: from meitner.wh.uni-dortmund.de (meitner.wh.Uni-Dortmund.DE [129.217.129.133]) by mx1.FreeBSD.org (Postfix) with ESMTP id CAC1443FFD for ; Tue, 23 Sep 2003 21:42:50 -0700 (PDT) (envelope-from michaelnottebrock@gmx.net) Received: from lofi.dyndns.org (pc2-105.intern.meitner [10.3.12.105]) by meitner.wh.uni-dortmund.de (Postfix) with ESMTP id C3F44167522; Wed, 24 Sep 2003 06:42:49 +0200 (CEST) Received: from gmx.net (lofi@kiste.my.domain [192.168.8.4]) (authenticated bits=0) by lofi.dyndns.org (8.12.9p1/8.12.9) with ESMTP id h8O4gmhY051527 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 24 Sep 2003 06:42:48 +0200 (CEST) (envelope-from michaelnottebrock@gmx.net) Message-ID: <3F7120C7.6070809@gmx.net> Date: Wed, 24 Sep 2003 06:42:47 +0200 From: Michael Nottebrock User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) X-Accept-Language: en-us, en, de-de MIME-Version: 1.0 To: Sam Leffler References: <933600166.1064314652@melange.errno.com> <3F70AECE.9030809@gmx.net> <944843723.1064325895@melange.errno.com> <3F70F5CF.2070604@gmx.net> <962428939.1064343480@melange.errno.com> In-Reply-To: <962428939.1064343480@melange.errno.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-new cc: freebsd-current@freebsd.org Subject: Re: HEADSUP: PFIL_HOOKS/ipfilter changes X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Sep 2003 04:42:53 -0000 Sam Leffler wrote: > It was not "due for 5.0" or any subsequent release. It was requested by > certain developers and I requested that they demonstrate that adding it to > the GENERIC system would not noticeably impact non-PFIL_HOOKS users. > > I intend to convert certain network subsystems to use PFIL_HOOKS instead of > their (current) adhoc techniques. This will mean that PFIL_HOOKS will be a > necessary part of the system and so will be in the GENERIC kernel. PFIL_HOOKS has been necessary in order to use the ipfilter kernel module, since 5.0-R and before, IIRC. The fact that a kernel customization and recompile was needed because of the missing PFIL_HOOKS in GENERIC for two releases in a row is a bug, and it ought to be fixed. (On a related note, the ipfilter kernel module itself is still built without IPV6 support - is there a particular reason for this?) -- ,_, | Michael Nottebrock | lofi@freebsd.org (/^ ^\) | FreeBSD - The Power to Serve | http://www.freebsd.org \u/ | K Desktop Environment on FreeBSD | http://freebsd.kde.org