Page MenuHomeFreeBSD
Differential D53787

ipfilter: Disable ipfs(8) by default
Needs ReviewPublic
Actions

Authored by cy on Mon, Nov 17, 2:41 PM.
Tags
None
Referenced Files
F136576938: D53787.id.diff
Tue, Nov 18, 10:36 AM
F136576292: D53787.id166562.diff
Tue, Nov 18, 10:30 AM
Unknown Object (File)
Mon, Nov 17, 7:25 PM
Unknown Object (File)
Mon, Nov 17, 3:53 PM
Subscribers
bdrewery
imp
jrm
melifaro
vegeta_tuxpowered.net

Details

Reviewers
emaste
markj
glebius
Summary

At the moment ipfs(8) is a tool that can be easily abused. Though the
concept is sound the implementation needs some work.

ipfs(8) should be considered experimental at the moment.

This commit also makes ipfs support in the kernel optional.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 68686
Build 65569: arc lint + arc unit

Event Timeline

cy created this revision.Mon, Nov 17, 2:41 PM
Herald added subscribers: vegeta_tuxpowered.net, melifaro, imp, bdrewery. · View Herald TranscriptMon, Nov 17, 2:41 PM
cy requested review of this revision.Mon, Nov 17, 2:41 PM
Harbormaster completed remote builds in B68686: Diff 166562.Mon, Nov 17, 2:41 PM
emaste added inline comments.Mon, Nov 17, 3:16 PM
sys/conf/NOTES
1049
sys/conf/options
109

in opt_ipfilter.h?

cy added inline comments.Mon, Nov 17, 5:25 PM
sys/conf/NOTES
1049

Sounds fair enough.

markj added a comment.Tue, Nov 18, 4:58 PM

This looks ok to me with Ed's suggestion applied.

cy added a comment.Tue, Nov 18, 7:31 PM
In D53787#1228857, @markj wrote:

This looks ok to me with Ed's suggestion applied.

Ed's suggestion has been applied locally. The revision has also been updated (locally) to also include ip_state. It makes no sense to do this in two commits.

Revision Contents
Changeset List

PathSize
sbin/
ipf/
7 lines
share/
mk/
1 line
sys/
conf/
1 line
1 line
modules/
ipfilter/
7 lines
netpfil/
ipfilter/
netinet/
5 lines
tools/
build/
mk/
4 lines

Diff 166562

View Options

sbin/ipf/Makefile

Loading...
View Options

share/mk/src.opts.mk

Loading...
View Options

sys/conf/NOTES

Loading...
View Options

sys/conf/options

Loading...
View Options

sys/modules/ipfilter/Makefile

Loading...
View Options

sys/netpfil/ipfilter/netinet/ip_nat.c

Loading...
View Options

tools/build/mk/OptionalObsoleteFiles.inc

Loading...