Update the IPFW man page to reflect reality. mpsafenet=0 is no longer
required when using ucred based rules.

Pointed out by:	seanc (thanks!)
MFC after:	1 month
Christian S.J. Peron 2004-12-10 02:38:21 +00:00
parent fbf2edb6e4
commit 02a85ee096
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=138643

@ -973,14 +973,10 @@ Matches all TCP or UDP packets sent by or received for a
A
.Ar group
may be specified by name or number.
This option should be used only if debug.mpsafenet=0 to avoid
lock ordering issues which could result in system hard locks.
.It Cm jail Ar prisonID
Matches all TCP or UDP packets sent by or received for the
jail whos prison ID is
.Ar prisonID .
This option should be used only if debug.mpsafenet=0 to avoid
lock ordering issues which could result in system hard locks.
.It Cm icmptypes Ar types
Matches ICMP packets whose ICMP type is in the list
.Ar types .
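
Review bot: The jail entry's context line "jail whos prison ID is" has a typo, and since this change already edits that entry it is a good moment to fix it to "whose", matching the icmptypes entry directly below. The two deleted caveat sentences for the group and jail entries are otherwise identical, so removing both together keeps the entries consistent.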
@ -1305,8 +1301,6 @@ Match all TCP or UDP packets sent by or received for a
A
.Ar user
may be matched by name or identification number.
This option should be used only if debug.mpsafenet=0 to avoid
lock ordering issues which could result in system hard locks.
.It Cm verrevpath
For incoming packets,
a routing table lookup is done on the packet's source address.
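
Review bot: After the caveat is dropped from the user entry here, as it was from the group and jail entries, the option descriptions say nothing about debug.mpsafenet for credential-based rules, so the rest of ipfw.8 should be checked for any remaining mention of debug.mpsafenet that would now contradict them. If the restriction still applies to older kernels, a short note on where it was lifted would help readers who pair this page with an older system.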
@ -2342,10 +2336,6 @@ the sleep terminates thus restoring the previous situation.
.Xr sysctl 8 ,
.Xr syslogd 8
.Sh BUGS
Lock ordering issues could result in system hard locks if rules which
contain UID, GID or jail ID constraints and used with debug.mpsafenet
set to 1.
.Pp
The syntax has grown over the years and sometimes it might be confusing.
Unfortunately, backward compatibility prevents cleaning up mistakes
made in the definition of the syntax.
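
Review bot: Dropping the BUGS paragraph on lock ordering is only accurate on a branch whose kernel no longer needs debug.mpsafenet=0 for UID, GID or jail ID rules, and the commit message asks for an MFC after 1 month, so the merge should be tied to the kernel-side change being present on that branch; otherwise users there lose the only warning about hard locks. None of the three hunks touches the .Dd line, which should be bumped for a content change like this one.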