svn commit: r242079 - in head: sbin/ipfw share/man/man4 sys/conf sys/net sys/netinet sys/netinet6 sys/netpfil/ipfw

[Andre Oppermann]

On 25.10.2012 18:25, Andrey V. Elsukov wrote:
> On 25.10.2012 19:54, Andre Oppermann wrote:
>> I still don't agree with naming the sysctl net.pfil.forward.  This
>> type of forwarding is a property of IPv4 and IPv6 and thus should
>> be put there.  Pfil hooking can be on layer 2, 2-bridging, 3 and
>> who knows where else in the future.  Forwarding works only for IPv46.
>>
>> You haven't even replied to my comment on net at .  Please change the
>> sysctl location and name to its appropriate place.
>
> Hi Andre,
>
> There were two replies related to this subject, you did not replied to
> them and i thought that you became agree.

I replied to your reply to mine.  Other than that I didn't find
anything else from you.

> So, if not, what you think about the name net.pfil.ipforward?

net.inet.ip.pfil_forward
net.inet6.ip6.pfil_forward

or something like that.

If you can show with your performance profiling that the sysctl
isn't even necessary, you could leave it completely away and have
pfil_forward enabled permanently.  That would be even better for
everybody.

>> Also an MFC's after 2 weeks must ensure that compiling with IPFIREWALL_
>> FORWARD enabled the sysctl at the same time to keep kernel configs
>> within 9-stable working.
>
> Yes, it will work like that.

Excellent.  Thank you.

-- 
Andre