Date: Wed, 12 Jul 2023 11:53:32 -0600 From: Warner Losh <imp@bsdimp.com> To: freebsd-hackers@freebsd.org Subject: Re: dis/advantages of compiling in-kernel over kldload Message-ID: <CANCZdfo1z9xq2%2BZNoYmudxkrR9=c_9Eg9NOECKU8kwgoGi7pbA@mail.gmail.com> In-Reply-To: <ZK7mnohS12eEYoV2@int21h> References: <ZK7mnohS12eEYoV2@int21h>
next in thread | previous in thread | raw e-mail | index | archive | help
--000000000000801ddf06004de578 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Wed, Jul 12, 2023 at 11:45=E2=80=AFAM void <void@f-m.fm> wrote: > Hello hackers@ > > (for context this is on recent -current) > > in man(4) pf we have > > SYNOPSIS > device pf > options PF_DEFAULT_TO_DROP > > no real mention if it being loaded in rc.conf. > > But when it is loaded in (just) rc.conf with pf_enable=3DYES > it gets loaded as a kld. > > Is there an advantage in compiling it in the kernel? > Is there a disadvantage in it being compiled in the kernel? > > If it's compiled in the kernel, does the system still require > pf_enable=3DYES in rc.conf? > Yes. pf_enable=3DYES will load it as a side effect when it configures pf, but isn't primarily to load it as a module. But if it's in the kernel, you still need to configure pf on boot (or some time later). I still have 'pf_load=3D"YES"' in my /boot/loader.conf, but it's for a syst= em I have that configures pf in weird ways not at boot. It's to work around th= e "weird ways" script not loading pf on demand though. Warner --000000000000801ddf06004de578 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr"><div dir=3D"ltr"><br></div><br><div class=3D"gmail_quote">= <div dir=3D"ltr" class=3D"gmail_attr">On Wed, Jul 12, 2023 at 11:45=E2=80= =AFAM void <<a href=3D"mailto:void@f-m.fm">void@f-m.fm</a>> wrote:<br= ></div><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;= border-left:1px solid rgb(204,204,204);padding-left:1ex">Hello hackers@<br> <br> (for context this is on recent -current)<br> <br> in man(4) pf we have<br> <br> SYNOPSIS<br> =C2=A0 =C2=A0 =C2=A0 device pf<br> =C2=A0 =C2=A0 =C2=A0 options PF_DEFAULT_TO_DROP<br> <br> no real mention if it being loaded in rc.conf.<br> <br> But when it is loaded in (just) rc.conf with pf_enable=3DYES<br> it gets loaded as a kld. <br> <br> Is there an advantage in compiling it in the kernel?<br> Is there a disadvantage in it being compiled in the kernel?<br> <br> If it's compiled in the kernel, does the system still require<br> pf_enable=3DYES in rc.conf?<br></blockquote><div><br></div><div>Yes. pf_ena= ble=3DYES will load it as a side effect when it configures</div><div>pf, bu= t isn't primarily to load it as a module. But if it's in the kernel= ,</div><div>you still need to configure pf on boot (or some time later).</d= iv><div><br></div><div>I still have 'pf_load=3D"YES"' in = my /boot/loader.conf, but it's for a system</div><div>I have that confi= gures pf in weird ways not at boot. It's to work around the</div><div>&= quot;weird ways" script not loading pf on demand though.</div><div><br= ></div><div>Warner<br></div></div></div> --000000000000801ddf06004de578--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CANCZdfo1z9xq2%2BZNoYmudxkrR9=c_9Eg9NOECKU8kwgoGi7pbA>