Page MenuHomeFreeBSD
Differential D50856

pf.4/pfsync.4: Separate sysctl/tunables >> SYNOPSIS
ClosedPublic
Actions

Authored by ziaee on Jun 14 2025, 6:01 PM.
Tags
None
Referenced Files
F133146258: D50856.id157048.diff
Thu, Oct 23, 9:31 AM
Unknown Object (File)
Thu, Oct 23, 12:23 AM
Unknown Object (File)
Wed, Oct 22, 12:38 AM
Unknown Object (File)
Tue, Oct 21, 5:01 PM
Unknown Object (File)
Sun, Oct 19, 1:39 PM
Unknown Object (File)
Sat, Oct 18, 1:19 PM
Unknown Object (File)
Fri, Oct 17, 12:00 AM
Unknown Object (File)
Thu, Oct 16, 1:13 AM
View All 80 Files
Subscribers
imp

Details

Reviewers
kp
ivy
carlavilla
mhorne
Group Reviewers
manpages
Commits
rG293e4c54b536: pf.4/pfsync.4: Separate sysctl/tunables >> SYNOPSIS
rGdca2ab32e831: pf.4/pfsync.4: Separate sysctl/tunables >> SYNOPSIS
Summary

MFC after: 3 days

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 64874
Build 61757: arc lint + arc unit

Event Timeline

ziaee created this revision.Jun 14 2025, 6:01 PM
Herald added a subscriber: imp. · View Herald TranscriptJun 14 2025, 6:01 PM
ziaee requested review of this revision.Jun 14 2025, 6:01 PM
Harbormaster completed remote builds in B64869: Diff 157035.Jun 14 2025, 6:01 PM
kp added inline comments.Jun 14 2025, 6:35 PM
share/man/man4/pf.4
46

filter_local is not a tunable, it can be changed at runtime. As is request_maxcount.

rdr_srcport_rewrite_tries isn't user configurable at all.

share/man/man4/pfsync.4
39

pfsync_buckets is a tunable, so sysctl.conf is the wrong place for it.

ziaee retitled this revision from pf.4/pfsync.4: Add sysctls to SYNOPSIS to pf.4/pfsync.4: Separate sysctl/tunables >> SYNOPSIS.Jun 14 2025, 6:57 PM
ziaee updated this revision to Diff 157040.Jun 14 2025, 6:58 PM

thanks! i separated them out into the sections we usually use. maybe adds a lot of bloat?

Harbormaster completed remote builds in B64873: Diff 157040.Jun 14 2025, 6:58 PM
ziaee updated this revision to Diff 157041.Jun 14 2025, 7:07 PM

update per discussion with kp@

Harbormaster completed remote builds in B64874: Diff 157041.Jun 14 2025, 7:07 PM
ziaee updated this revision to Diff 157042.Jun 14 2025, 7:08 PM

mention sysctl.conf, might as well be precise

Harbormaster completed remote builds in B64875: Diff 157042.Jun 14 2025, 7:08 PM
kp added inline comments.Jun 14 2025, 7:34 PM
share/man/man4/pf.4
91

tunable*s*?

92

This is the wrong way around. filter_local and request_maxcount are sysctl runtime tunable, the others (states_hashsize, source_nodes_hashsize, ...) are tunables and can only be set through the loader.

107

net.pf.rdr_srcport_rewrite_tries is listed in pf.conf.5 as well. We should probably delete that one as part of this patch (or in a separate patch to delete both mentions) too.

(For reference, this was introduced in 339a1977c32414f3d23733504955245ca6f3802d, but without the actual sysctl.)

ziaee updated this revision to Diff 157048.Jun 14 2025, 9:19 PM

Spun off the removal into a parent commit.

Harbormaster completed remote builds in B64877: Diff 157048.Jun 14 2025, 9:19 PM
ziaee added a parent revision: D50859: pf.4/pf.conf.5: Remove unused sysctl.Jun 14 2025, 9:19 PM
kp accepted this revision.Jun 16 2025, 11:44 AM
This revision is now accepted and ready to land.Jun 16 2025, 11:44 AM
Closed by commit rGdca2ab32e831: pf.4/pfsync.4: Separate sysctl/tunables >> SYNOPSIS (authored by ziaee). · Explain WhyJun 25 2025, 11:22 PM
This revision was automatically updated to reflect the committed changes.
ziaee added a commit: rGdca2ab32e831: pf.4/pfsync.4: Separate sysctl/tunables >> SYNOPSIS.
ziaee added a commit: rG293e4c54b536: pf.4/pfsync.4: Separate sysctl/tunables >> SYNOPSIS.Jul 4 2025, 6:24 PM

Revision Contents
Changeset List

PathSize
share/
man/
man4/
59 lines
30 lines

Diff 157041

View Options

share/man/man4/pf.4

Loading...
View Options

share/man/man4/pfsync.4

Loading...