Re: dis/advantages of compiling in-kernel over kldload
- Reply: void : "Re: dis/advantages of compiling in-kernel over kldload"
- In reply to: void : "dis/advantages of compiling in-kernel over kldload"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 12 Jul 2023 17:53:32 UTC
On Wed, Jul 12, 2023 at 11:45 AM void <void@f-m.fm> wrote: > Hello hackers@ > > (for context this is on recent -current) > > in man(4) pf we have > > SYNOPSIS > device pf > options PF_DEFAULT_TO_DROP > > no real mention if it being loaded in rc.conf. > > But when it is loaded in (just) rc.conf with pf_enable=YES > it gets loaded as a kld. > > Is there an advantage in compiling it in the kernel? > Is there a disadvantage in it being compiled in the kernel? > > If it's compiled in the kernel, does the system still require > pf_enable=YES in rc.conf? > Yes. pf_enable=YES will load it as a side effect when it configures pf, but isn't primarily to load it as a module. But if it's in the kernel, you still need to configure pf on boot (or some time later). I still have 'pf_load="YES"' in my /boot/loader.conf, but it's for a system I have that configures pf in weird ways not at boot. It's to work around the "weird ways" script not loading pf on demand though. Warner