> > >> The question is, is this enough? Or asked differently, why are you > > >> compiling a custom kernel in a production environment (so I rule out > > >> debug options which are not enabled in GENERIC)? Are there options > > >> which you add which you can not add as a module (SW_WATCHDOG comes > > >> to my mind)? If yes, which ones and how important are they for you? > > > > > > Hello, > > > > > > we are currently using on every server (in order to maintain a single > > > custom kernel) the following options: > > > > > > IPFIREWALL IPFIREWALL_DEFAULT_TO_ACCEPT > > > > loadable, tunable there for this
Hi, On my gateway I use these options with FreeBSD 8.2 : options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=5 options IPFIREWALL_DEFAULT_TO_ACCEPT options IPDIVERT options IPFIREWALL_FORWARD options DUMMYNET options HZ=1000 Regards, Grégoire Leroy _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
