Gary Jennejohn wrote:
On Thu, 9 Jul 2020 10:27:02 +0800
Marcelo Araujo <araujobsdp...@gmail.com> wrote:
Em qui., 9 de jul. de 2020 __s 07:34, Rodney W. Grimes <
freebsd-...@gndrsh.dnsmgr.net> escreveu:
In /etc/defaults/rc.conf I see this
ipv6_ipfilter_rules="/etc/ipf6.rules"
# rules definition file for ipfilter,
# see /usr/src/contrib/ipfilter/rules for examples
man 8 ipf says
ipf -6 ipv4 and ipv6 rules are stored in a single table and can be read
from a single file. This option is no longer required to load ipv6 rules.
I interrupt this to mean that the ipv6_ipfilter_rules="/etc/ipf6.rules"
line in /etc/defaults/rc.conf is obsolete and should be removed
before RELEASE 13.0 is published for users to use.
Interesting, though I would not remove it. It should be marked as
depricated and the /etc/rc.d/ipfilter shell script updated to emit
a warning that it is depricated, but it should still be processed
to retain backwards compatibility and NOT lock someone out of a
system who has just done an upgrade to a newer version.
Do you mean deprecated or depricated?
Got confused here! Sorry English is hard for non-native speakers.
It's a typo - he meant deprecated.
This "retain backwards compatibility stuff" can be taken too far
backwards. I think ipfilter first can out with NO ipv6 support, then
ipv6 was added using 2 rule files, and later yet it was redesigned to
use a single rules file. Talking about way back around RELEASE 4.0. Now
ipfilter does not work with 2 rules files for a very long time. It's now
time to clean up the old ipv6 only stuff so the documentation and
/etc/rc.d/ipfilter boot script reflects how it works today. And another
thing to point out is the ipfilter source code has been forked and is
now under Freebsd maintainership.
_______________________________________________
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
