On Sunday 31 December 2006 08:04, Gleb Smirnoff wrote: > On Sun, Dec 31, 2006 at 03:42:03AM +0100, Paolo Pisati wrote: > P> On Sat, Dec 30, 2006 at 11:04:33PM +0100, Max Laier wrote: > P> > On Saturday 30 December 2006 22:46, Paolo Pisati wrote: > P> > > On Sat, Dec 30, 2006 at 01:43:21PM -0800, David Wolfskill wrote: > P> > > > Note that this was for a kernel that uses ipfw, but not natd > (ref. P> > > > src/sys/conf/NOTES). > P> > > > P> > > my mistake, i'll write an entry for UPDATING. > P> > > P> > Shouldn't it still be possible to build a kernel with IPFW but > without P> > LIBALIAS? i.e. instead of a UPDATING entry you should > just wrap the P> > libalias entry points in IPFW - or am I > misunderstanding what you are P> > saying? > P> > P> with my last commit, LIBALIAS became mandatory for IPFW, and this > adds P> 40kb (-O nocona) to my kernel size. > P> > P> If it's really an issue, i can change it. > > As I said it will be very nice if it would be still possible to build > ipfw(4) w/o libalias. I think more people will share my opinion. I agree. You can either simply #ifdef-out the Libalias glue code in ipfw on LIBALIAS or introduce a new option "FIREWALL_NO_ALIAS" or something to have that effect. The first would not break POLA and should be preferred - IMO. Having the module build default to "with LIBALIAS" is okay to make this great feature available from a default installation, but there certainly should be a way to disable it on a custom build. Also a make.conf switch to disable it from the module could make sense. -- /"\ Best regards, | mlaier_at_freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier_at_EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:04 UTC