Date: Wed, 24 Sep 2003 06:42:47 +0200 From: Michael Nottebrock <michaelnottebrock@gmx.net> To: Sam Leffler <sam@errno.com> Cc: freebsd-current@freebsd.org Subject: Re: HEADSUP: PFIL_HOOKS/ipfilter changes Message-ID: <3F7120C7.6070809@gmx.net> In-Reply-To: <962428939.1064343480@melange.errno.com> References: <933600166.1064314652@melange.errno.com> <3F70AECE.9030809@gmx.net> <944843723.1064325895@melange.errno.com> <3F70F5CF.2070604@gmx.net> <962428939.1064343480@melange.errno.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Sam Leffler wrote:
> It was not "due for 5.0" or any subsequent release. It was requested by
> certain developers and I requested that they demonstrate that adding it to
> the GENERIC system would not noticeably impact non-PFIL_HOOKS users.
>
> I intend to convert certain network subsystems to use PFIL_HOOKS instead of
> their (current) adhoc techniques. This will mean that PFIL_HOOKS will be a
> necessary part of the system and so will be in the GENERIC kernel.
PFIL_HOOKS has been necessary in order to use the ipfilter kernel module,
since 5.0-R and before, IIRC. The fact that a kernel customization and
recompile was needed because of the missing PFIL_HOOKS in GENERIC for two
releases in a row is a bug, and it ought to be fixed.
(On a related note, the ipfilter kernel module itself is still built without
IPV6 support - is there a particular reason for this?)
--
,_, | Michael Nottebrock | lofi@freebsd.org
(/^ ^\) | FreeBSD - The Power to Serve | http://www.freebsd.org
\u/ | K Desktop Environment on FreeBSD | http://freebsd.kde.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3F7120C7.6070809>