Date: Sat, 21 Dec 2002 02:21:44 +0300 (MSK) From: Sergey Mokryshev <mokr@mokr.net> To: Vallo Kallaste <kalts@estpak.ee> Cc: Terry Lambert <tlambert2@mindspring.com>, Sam Leffler <sam@errno.com>, Hiten Pandya <hiten@unixdaemons.com>, Darren Reed <darrenr@reed.wattle.id.au>, <current@FreeBSD.ORG> Subject: Re: PFIL_HOOKS should be made default in 5.0 Message-ID: <20021221020951.C7129-100000@lemori.mokr.ru> In-Reply-To: <20021220212919.GA3543@tiiu.internal>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 20 Dec 2002, Vallo Kallaste wrote: > On Fri, Dec 20, 2002 at 08:30:42AM -0800, Terry Lambert > <tlambert2@mindspring.com> wrote: > > > Vallo Kallaste wrote: > > > On Thu, Dec 19, 2002 at 08:46:44PM -0800, Sam Leffler > > > <sam@errno.com> wrote: > > > > > #ifndef PFIL_HOOKS #error "You must specify PFIL_HOOKS when > > > > > using ipfilter" #endif > > > > > > > > > > Unfortunately there's no way that I know to express this if > > > > > ipfilter is loaded as a module. > > > > > > > > Duh, there'll probably be unresolved symbols if you try to > > > > load ipl.ko w/o PFIL_HOOKS defined in the kernel. > > > > > > Yes, and this "undefined symbols" message will make no sense > > > from user perspective. > > > > > > Then fix it. The fix is trivial: > [description of possible fix snipped] > > As I've stated several times and as you most certainly know I'm not > developer. What are you trying to accomplish by the phrase "then fix > it"? Put me down, eh? > I have encountered this problem several times and for the first time > the message about unresolved symbol(s) made no sense and forced me > to do time consuming searches over the 'Net to get a clue what's > going on. Will we want to get possible users using FreeBSD or will > we want argue about it to death? The users get bored and move on, > that's it. > Unfortunately nobody cares to look into PR database (conf/44576) In case PFIL_HOOKS really slows IP processing I don't mind keeping this out of GENERIC, however it should be noted in UPDATING and release notes. I did not do any time consuming searches the first time I tried to load ipl.ko, but I've spent some time reading NOTES before upgrading to -CURRENT and I am using IP Filter for about three years now on Solaris and FreeBSD (thanks, Darren). IMHO GENERIC is not supposed to be fast, but to be useable out-of-the box. Bringing in PFIL_HOOKS with the appropriate comment about things being more complicated and slow will ease 4.0->5.0 upgrade and do not prevent someone from building custom kernel without it. Sincerely yours, Sergey Mokryshev. -- Sergey S. Mokryshev <mokr@mokr.net> SMP453, MOKR-RIPN To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021221020951.C7129-100000>