Page MenuHomeFreeBSD
Differential D50856

pf.4/pfsync.4: Separate sysctl/tunables >> SYNOPSIS
ClosedPublic
Actions

Authored by ziaee on Jun 14 2025, 6:01 PM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Jul 9, 10:06 AM
Unknown Object (File)
Mon, Jul 7, 2:35 PM
Unknown Object (File)
Mon, Jul 7, 2:46 AM
Unknown Object (File)
Mon, Jul 7, 2:37 AM
Unknown Object (File)
Sun, Jul 6, 7:21 AM
Unknown Object (File)
Sun, Jul 6, 3:45 AM
Unknown Object (File)
Sat, Jul 5, 2:01 PM
Unknown Object (File)
Fri, Jul 4, 10:23 PM
View All 44 Files
Subscribers
imp

Details

Reviewers
kp
ivy
carlavilla
mhorne
Group Reviewers
manpages
Commits
rG293e4c54b536: pf.4/pfsync.4: Separate sysctl/tunables >> SYNOPSIS
rGdca2ab32e831: pf.4/pfsync.4: Separate sysctl/tunables >> SYNOPSIS
Summary

MFC after: 3 days

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 64877
Build 61760: arc lint + arc unit

Event Timeline

ziaee created this revision.Jun 14 2025, 6:01 PM
Herald added a subscriber: imp. · View Herald TranscriptJun 14 2025, 6:01 PM
ziaee requested review of this revision.Jun 14 2025, 6:01 PM
Harbormaster completed remote builds in B64869: Diff 157035.Jun 14 2025, 6:01 PM
kp added inline comments.Jun 14 2025, 6:35 PM
share/man/man4/pf.4
46

filter_local is not a tunable, it can be changed at runtime. As is request_maxcount.

rdr_srcport_rewrite_tries isn't user configurable at all.

share/man/man4/pfsync.4
39

pfsync_buckets is a tunable, so sysctl.conf is the wrong place for it.

ziaee retitled this revision from pf.4/pfsync.4: Add sysctls to SYNOPSIS to pf.4/pfsync.4: Separate sysctl/tunables >> SYNOPSIS.Jun 14 2025, 6:57 PM
ziaee updated this revision to Diff 157040.Jun 14 2025, 6:58 PM

thanks! i separated them out into the sections we usually use. maybe adds a lot of bloat?

Harbormaster completed remote builds in B64873: Diff 157040.Jun 14 2025, 6:58 PM
ziaee updated this revision to Diff 157041.Jun 14 2025, 7:07 PM

update per discussion with kp@

Harbormaster completed remote builds in B64874: Diff 157041.Jun 14 2025, 7:07 PM
ziaee updated this revision to Diff 157042.Jun 14 2025, 7:08 PM

mention sysctl.conf, might as well be precise

Harbormaster completed remote builds in B64875: Diff 157042.Jun 14 2025, 7:08 PM
kp added inline comments.Jun 14 2025, 7:34 PM
share/man/man4/pf.4
91

tunable*s*?

92

This is the wrong way around. filter_local and request_maxcount are sysctl runtime tunable, the others (states_hashsize, source_nodes_hashsize, ...) are tunables and can only be set through the loader.

106–107

net.pf.rdr_srcport_rewrite_tries is listed in pf.conf.5 as well. We should probably delete that one as part of this patch (or in a separate patch to delete both mentions) too.

(For reference, this was introduced in 339a1977c32414f3d23733504955245ca6f3802d, but without the actual sysctl.)

ziaee updated this revision to Diff 157048.Jun 14 2025, 9:19 PM

Spun off the removal into a parent commit.

Harbormaster completed remote builds in B64877: Diff 157048.Jun 14 2025, 9:19 PM
ziaee added a parent revision: D50859: pf.4/pf.conf.5: Remove unused sysctl.Jun 14 2025, 9:19 PM
kp accepted this revision.Mon, Jun 16, 11:44 AM
This revision is now accepted and ready to land.Mon, Jun 16, 11:44 AM
Closed by commit rGdca2ab32e831: pf.4/pfsync.4: Separate sysctl/tunables >> SYNOPSIS (authored by ziaee). · Explain WhyWed, Jun 25, 11:22 PM
This revision was automatically updated to reflect the committed changes.
ziaee added a commit: rGdca2ab32e831: pf.4/pfsync.4: Separate sysctl/tunables >> SYNOPSIS.
ziaee added a commit: rG293e4c54b536: pf.4/pfsync.4: Separate sysctl/tunables >> SYNOPSIS.Fri, Jul 4, 6:24 PM

Revision Contents
Changeset List

PathSize
share/
man/
man4/
37 lines
30 lines

Diff 157048

View Options

share/man/man4/pf.4

Loading...
View Options

share/man/man4/pfsync.4

Loading...