On Sun, Feb 12, 2012 at 8:52 AM, Ian Smith <smi...@nimnet.asn.au> wrote: > On Fri, 10 Feb 2012 16:12:00 +0000, Bjoern A. Zeeb wrote: > > > IPFIREWALL_FORWARD > > Unless something's changed, julian@ has pointed out (paraphrasing) that > this adds bits of code to various parts of the stack and was thought to > impact performance too much when unused to conditionalise each instance. > > I'm unsure if this is the only case ipfw still needs building in kernel?
If something's changed, I'd really love to hear it. IPFIREWALL_FORWARD is the most common reason I need a custom kernel (usually to solve the issues around asymmetric/source-based policy routing on multihomed hosts). Really miss Linux' "ip rule... table" functionality. Regards, -- Nino _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
