Add missing opt_ipfilter.h.

Renamed IPFS to IPFILTER_IPFS.

In D54041#1234795, @fuz wrote:

I recommend that instead of !defined(__cplusplus), maybe we do !defined(unreachable). This should also cover C codebases with their own unreachable macros and matches what we do for offsetof.

No issues here.

Replaced by D53843.

Replaced by D53843.

This fixes the issue.

In D53899#1231752, @des wrote:

In D53899#1231683, @cy wrote:

Can there be a sysctl to restore the legacy algorithm for sites that do not have many, if any, ephemeral IP addresses? Linux allows one to set this in /proc/sys/net/ipv4/neigh/ethX/gc_stale_time. We should be able to do the same in a sysctl.

There already is, if only you'd bothered to read the diff.

EDIT: I just realized you're referring to something else entirely, in which case can you please discuss it elsewhere?

Quoting the SUMMARY:

LGTM

This update incorporates Ed's suggestion. Instead of an additional
commit to conditionally remove ipfs(8) from ip_state.c we do it here
as well.

In D53787#1228857, @markj wrote:

This looks ok to me with Ed's suggestion applied.

In D53805#1228994, @markj wrote:

In D53805#1228989, @cy wrote:

Rather than set IPFERROR within the function we return a return code and let the caller set the IPFERROR. Do you mind if I take this and flesh it out a bit?

Please go ahead!

Rather than set IPFERROR within the function we return a return code and let the caller set the IPFERROR. Do you mind if I take this and flesh it out a bit?

This would need to be duplicated to replace D53475.

I've tested this patch on a Framework 13 and an HP 840 G5. Mind you, I had no problems with either prior to the patch.

In D53803#1228714, @emaste wrote:

Can you upload the patch with full context (i.e. git diff -U9999999 or git show -U99999999)

This update may have been already pushed to phabricator. It is pushed
again just to be sure.

All issues have been resolved. I believe I had updated this revision. I will update again just to be sure.