DragonFly kernel List (threaded) for 2004-05
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]

Re: GENERIC and firewall modules

To:	"Erik P. Skaalerud" <erik@xxxxxxxxxxxx>
From:	Hiten Pandya <hmp@xxxxxxxxxxxxx>
Date:	Wed, 26 May 2004 02:41:00 +0100

Erik P. Skaalerud wrote:

As with the current GENERIC, PFIL_HOOKS are not enabled by default.

Any reasons for this? I dont know abotu the ipfw module, but the ipfilter module (ipl) can not load without PFIL in kernel.

Perhaps it could be made default in GENERIC?

Erik


	Last time I checked, PFIL_HOOKS degrades the performance of
	input/output path.  People who do not use a firewall solution
	the additional processing is pointless.

	FreeBSD guys only added it due to mass requests of firewall
	module brokenness.  In my opinion, it would be better to just
	compile-in your firewall with a modified configuration; but
	as I said, that is my opinion.

		-Hiten
		hmp@xxxxxxxxxxxxx

Follow-Ups:
- Re: GENERIC and firewall modules
  - From: Michel Talon
- Re: GENERIC and firewall modules
  - From: Erik P. Skaalerud

References:
- GENERIC and firewall modules
  - From: Erik P. Skaalerud

[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]