Date: Wed, 10 Nov 2004 08:14:05 -0800 From: Sean Chittenden <sean@chittenden.org> To: Bryan Fullerton <fehwalker@gmail.com> Cc: freebsd-net@freebsd.org Subject: Re: ipfw jail and debug.mpsafenet Message-ID: <8AFDE7D8-3333-11D9-A34C-000A95C705DC@chittenden.org> In-Reply-To: <35de0c30041110074662654d9b@mail.gmail.com> References: <35de0c30041110074662654d9b@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> I've upgraded my jail box to 5.3, and was thinking of updating ipfw > rules to use the jail rule option. Both the ipfw man page and the 5.3 > Errata indicate that debug.mpsafenet must be set to 0 to prevent a > system lock when using this rule option. > > Will setting debug.mpsafenet to 0 impact anything else on the box? A > quick googling shows it could impact performance on SMP machines, but > this is a uniproc box. Anything else I should keep an eye on? Install the following patch from csjp@. He'll be committing this in the next week or two. Once applied and compiled, fell free to turn mpsafenet off. :) cd /usr/src/sys/netinet fetch http://people.freebsd.org/~csjp/ip_fw2.c.1099500281.diff patch -p0 < ip_fw2.c.1099500281.diff cd /usr/src make buildkernel make installkernel shutdown -r now sysctl debug.mpsafenet=0 -sc -- Sean Chittenden
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8AFDE7D8-3333-11D9-A34C-000A95C705DC>