ipv6_ipfilter_rules= is obsolete ?
Rodney W. Grimes
freebsd-rwg at gndrsh.dnsmgr.net
Wed Jul 8 23:34:14 UTC 2020
> In /etc/defaults/rc.conf I see this
>
> ipv6_ipfilter_rules="/etc/ipf6.rules"
> # rules definition file for ipfilter,
> # see /usr/src/contrib/ipfilter/rules for examples
>
> man 8 ipf says
>
> ipf -6 ipv4 and ipv6 rules are stored in a single table and can be read
> from a single file. This option is no longer required to load ipv6 rules.
>
> I interrupt this to mean that the ipv6_ipfilter_rules="/etc/ipf6.rules"
> line in /etc/defaults/rc.conf is obsolete and should be removed
> before RELEASE 13.0 is published for users to use.
Interesting, though I would not remove it. It should be marked as
depricated and the /etc/rc.d/ipfilter shell script updated to emit
a warning that it is depricated, but it should still be processed
to retain backwards compatibility and NOT lock someone out of a
system who has just done an upgrade to a newer version.
--
Rod Grimes rgrimes at freebsd.org
More information about the freebsd-current
mailing list