Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 24 Jun 2002 22:47:27 -0700
From:      "Crist J. Clark" <>
To:        Luigi Rizzo <>
Cc:        ipfw@FreeBSD.ORG
Subject:   Re: do we need IPFIREWALL_FORWARD to be optional ?
Message-ID:  <>
In-Reply-To: <>; from on Fri, Jun 21, 2002 at 10:49:00AM -0700
References:  <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
On Fri, Jun 21, 2002 at 10:49:00AM -0700, Luigi Rizzo wrote:
> I am fixing that part of the netinet/ stack, and i wonder why
> do we need to make this optional.
> Once the global variables holding its state are removed, all the
> code reduces to a small set of short blocks (which are never entered
> if you do not have fwd rules) scattered in ip_input.c ip_output.c
> ip_fw.c and tcp_input.c, and I strongly believe that the pain and
> obfuscation of having it conditionally compiled is a lot worse than
> the modest code size increase.
> Unless there are strong objections, I am going to make it
> standard.

If you feel up to it, unconditionalize pfil(9) stuff too.
Crist J. Clark                     |
                                   |    |

To Unsubscribe: send mail to
with "unsubscribe freebsd-ipfw" in the body of the message

Want to link to this message? Use this URL: <>