bb60f459a0
Prior to this change, Accidental recursion protection was done by the diverted daemon feeding back the divert port number it got the packet on, as the port number on a sendto(). IPFW knew not to redivert a packet to this port (again). Processing of the ruleset started at the beginning again, skipping that divert port. The new semantic (which is how we should have done it the first time) is that the port number in the sendto() is the rule number AFTER which processing should restart, and on a recvfrom(), the port number is the rule number which caused the diversion. This is much more flexible, and also more intuitive. If the user uses the same sockaddr received when resending, processing resumes at the rule number following that that caused the diversion. The user can however select to resume rule processing at any rule. (0 is restart at the beginning) To enable the new code use option IPFW_DIVERT_RESTART This should become the default as soon as people have looked at it a bit
236 lines
6.3 KiB
Plaintext
236 lines
6.3 KiB
Plaintext
# $Id: options,v 1.74 1998/05/24 01:29:52 jkh Exp $
|
|
#
|
|
# On the handling of kernel options
|
|
#
|
|
# All kernel options should be listed in LINT, with suitable
|
|
# descriptions. Negative options (options that make some code not
|
|
# compile) should be commented out; LINT should compile as much code
|
|
# as possible. Try to structure option-using code so that a single
|
|
# option only switch code on, or only switch code off, to make it
|
|
# possible to have a full compile-test. If necessary, you can include
|
|
# "opt_lint.h" and check for COMPILING_LINT to get maximum code
|
|
# coverage.
|
|
#
|
|
# All new options shall also be listed in either "conf/options" or
|
|
# "<machine>/conf/options.<machine>". Options that affect a single
|
|
# source-file <xxx>.[c|s] should be directed into "opt_<xxx>.h", while
|
|
# options that affect multiple files should either go in
|
|
# "opt_global.h" if this is a kernel-wide option (used just about
|
|
# everywhere), or in "opt_<option-name-in-lower-case>.h" if it affect
|
|
# only some files. Note that the effect of listing only an option
|
|
# without a header-file-name in conf/options (and cousins) is that the
|
|
# last convention is followed.
|
|
#
|
|
# This handling scheme is not yet fully implemented.
|
|
#
|
|
#
|
|
# Format of this file:
|
|
# Option name filename
|
|
#
|
|
# If filename is missing, the default is
|
|
# opt_<name-of-option-in-lower-case>.h
|
|
|
|
# Miscellaneous options.
|
|
BOUNCE_BUFFERS opt_bounce.h
|
|
COMPAT_43 opt_compat.h
|
|
COMPAT_SUNOS opt_compat.h
|
|
COMPILING_LINT opt_lint.h
|
|
DDB
|
|
DDB_UNATTENDED opt_ddb.h
|
|
GDB_REMOTE_CHAT opt_ddb.h
|
|
DEVFS
|
|
SLICE opt_devfs.h
|
|
FAILSAFE
|
|
HW_WDOG
|
|
KTRACE
|
|
MD5
|
|
MFS_AUTOLOAD opt_mfs.h
|
|
MFS_ROOT opt_mfs.h
|
|
NO_LKM
|
|
NSWAPDEV opt_swap.h
|
|
PPS_SYNC opt_ntp.h
|
|
QUOTA
|
|
SPX_HACK
|
|
SUIDDIR opt_suiddir.h
|
|
SYSVMSG opt_sysvipc.h
|
|
SYSVSEM opt_sysvipc.h
|
|
SYSVSHM opt_sysvipc.h
|
|
UCONSOLE
|
|
|
|
# POSIX kernel options
|
|
P1003_1B opt_posix.h
|
|
_KPOSIX_PRIORITY_SCHEDULING opt_posix.h
|
|
_KPOSIX_VERSION opt_posix.h
|
|
|
|
# Do we want the config file compiled into the kernel?
|
|
INCLUDE_CONFIG_FILE opt_config.h
|
|
|
|
# Options for static file systems. These should only be used at config
|
|
# time, since the corresponding lkms cannot work if there are any static
|
|
# dependencies. Unusability is enforced by hiding the defines for the
|
|
# options in a never-included header.
|
|
EXT2FS opt_dontuse.h
|
|
FDESC opt_dontuse.h
|
|
KERNFS opt_dontuse.h
|
|
MFS opt_dontuse.h
|
|
MSDOSFS opt_dontuse.h
|
|
NULLFS opt_dontuse.h
|
|
PORTAL opt_dontuse.h
|
|
PROCFS opt_dontuse.h
|
|
UMAPFS opt_dontuse.h
|
|
|
|
# These static filesystems has one slightly bogus static dependency in
|
|
# sys/i386/i386/autoconf.c. If any of these filesystems are
|
|
# statically compiled into the kernel, code for mounting them as root
|
|
# filesystems will be enabled - but look below. Boot-code is purposely
|
|
# unavailable for the LKM-based versions.
|
|
CFS
|
|
CD9660
|
|
FFS
|
|
NFS
|
|
|
|
# If you are following the conditions in the copyright,
|
|
# you can enable soft-updates which will speed up a lot of thigs
|
|
# and make the system safer from crashes at the same time.
|
|
# otherwise a STUB module will be compiled in.
|
|
SOFTUPDATES opt_ffs.h
|
|
|
|
# The above static dependencies are planned removed, with a
|
|
# <filesystem>_ROOT option to control if it usable as root. This list
|
|
# allows these options to be present in config files already (though
|
|
# they won't make any difference yet).
|
|
CD9660_ROOT opt_cd9660.h
|
|
FFS_ROOT opt_ffs.h
|
|
NFS_ROOT opt_nfs.h
|
|
|
|
# Multi-session CD-Rs might require a huge amount of time in order to
|
|
# "settle". If we are about mounting them as the root f/s, we gotta
|
|
# wait a little.
|
|
CD9660_ROOTDELAY opt_cd9660.h
|
|
|
|
# The union static file system has bogus static dependencies, so it isn't
|
|
# hidden yet.
|
|
UNION
|
|
|
|
# Options used only in param.c.
|
|
EXTRAVNODES opt_defunct.h
|
|
MSGMNB opt_param.h
|
|
MSGMNI opt_param.h
|
|
MSGSEG opt_param.h
|
|
MSGSSZ opt_param.h
|
|
MSGTQL opt_param.h
|
|
NBUF opt_param.h
|
|
NMBCLUSTERS opt_param.h
|
|
SEMMAP opt_param.h
|
|
SEMMNI opt_param.h
|
|
SEMMNS opt_param.h
|
|
SEMMNU opt_param.h
|
|
SEMMSL opt_param.h
|
|
SEMOPM opt_param.h
|
|
SEMUME opt_param.h
|
|
SHMALL opt_param.h
|
|
SHMMAX opt_param.h
|
|
SHMMAXPGS opt_param.h
|
|
SHMMIN opt_param.h
|
|
SHMMNI opt_param.h
|
|
SHMSEG opt_param.h
|
|
|
|
# Generic SCSI options.
|
|
SCSIDEBUG opt_scsi.h
|
|
SCSI_DELAY opt_scsi.h
|
|
SCSI_REPORT_GEOMETRY opt_scsi.h
|
|
SCSI_2_DEF opt_scsi.h
|
|
|
|
# Options used only in scsi/od.c.
|
|
OD_AUTO_TURNOFF opt_od.h
|
|
OD_BOGUS_NOT_READY opt_od.h
|
|
|
|
# Options used only in pci/ncr.c
|
|
SCSI_NCR_DEBUG opt_ncr.h
|
|
SCSI_NCR_DFLT_TAGS opt_ncr.h
|
|
SCSI_NCR_MAX_SYNC opt_ncr.h
|
|
SCSI_NCR_MAX_WIDE opt_ncr.h
|
|
SCSI_NCR_MYADDR opt_ncr.h
|
|
|
|
# Resource limits.
|
|
CHILD_MAX opt_defunct.h
|
|
DFLDSIZ opt_rlimit.h
|
|
MAXDSIZ opt_rlimit.h
|
|
OPEN_MAX opt_defunct.h
|
|
|
|
# Net stuff.
|
|
ARP_PROXYALL opt_defunct.h
|
|
BOOTP opt_bootp.h
|
|
BOOTP_COMPAT opt_bootp.h
|
|
BOOTP_NFSROOT opt_bootp.h
|
|
BOOTP_NFSV3 opt_bootp.h
|
|
BOOTP_WIRED_TO opt_bootp.h
|
|
GATEWAY opt_defunct.h
|
|
MROUTING opt_mrouting.h
|
|
INET opt_inet.h
|
|
IPDIVERT
|
|
IPFIREWALL opt_ipfw.h
|
|
IPFIREWALL_VERBOSE opt_ipfw.h
|
|
IPFIREWALL_VERBOSE_LIMIT opt_ipfw.h
|
|
IPFIREWALL_DEFAULT_TO_ACCEPT opt_ipfw.h
|
|
#temp option to change ipfw/divert semantics. Should become standard.
|
|
IPFW_DIVERT_RESTART opt_ipfw.h
|
|
IPX opt_ipx.h
|
|
IPXIP opt_ipx.h
|
|
IPTUNNEL opt_ipx.h
|
|
NETATALK opt_atalk.h
|
|
PPP_BSDCOMP opt_ppp.h
|
|
PPP_DEFLATE opt_ppp.h
|
|
PPP_FILTER opt_ppp.h
|
|
TCP_COMPAT_42 opt_compat.h
|
|
TCPDEBUG
|
|
IPFILTER opt_ipfilter.h
|
|
IPFILTER_LOG opt_ipfilter.h
|
|
IPFILTER_LKM opt_ipfilter.h
|
|
|
|
# XXX Conflict: # of devices vs network protocol (Native ATM).
|
|
# This makes "atm.h" unusable.
|
|
NATM opt_natm.h
|
|
|
|
# DPT driver debug flags
|
|
DPT_VERIFY_HINTR opt_dpt.h
|
|
DPT_USE_SINTR opt_dpt.h
|
|
DPT_RESTRICTED_FREELIST opt_dpt.h
|
|
DPT_MEASURE_PERFORMANCE opt_dpt.h
|
|
DPT_FREELIST_IS_STACK opt_dpt.h
|
|
DPT_HANDLE_TIMEOUTS opt_dpt.h
|
|
DPT_TIMEOUT_FACTOR opt_dpt.h
|
|
DPT_INTR_DELAY opt_dpt.h
|
|
DPT_LOST_IRQ opt_dpt.h
|
|
|
|
# Misc debug flags. Most of these should probably be replaced with
|
|
# 'DEBUG', and then let people recompile just the interesting modules
|
|
# with 'make CC="cc -DDEBUG'.
|
|
CLUSTERDEBUG opt_debug_cluster.h
|
|
DEBUG_1284 opt_debug_1284.h
|
|
LOCKF_DEBUG opt_debug_lockf.h
|
|
LOUTB opt_debug_outb.h
|
|
NPX_DEBUG opt_debug_npx.h
|
|
NETATALKDEBUG opt_atalk.h
|
|
NULLFS_DIAGNOSTIC opt_debug_nullfs.h
|
|
SI_DEBUG opt_debug_si.h
|
|
|
|
|
|
# These cause changes all over the kernel
|
|
DEBUG opt_global.h
|
|
DIAGNOSTIC opt_global.h
|
|
SIMPLELOCK_DEBUG opt_global.h
|
|
ENABLE_VFS_IOOPT opt_global.h
|
|
|
|
# These are VM related options
|
|
VM_KMEM_SIZE opt_vm.h
|
|
VM_KMEM_SIZE_SCALE opt_vm.h
|
|
VM_KMEM_SIZE_MAX opt_vm.h
|
|
|
|
# sys/netkey
|
|
KEY
|
|
KEY_DEBUG opt_key.h
|
|
|
|
# Size of the kernel message buffer
|
|
MSGBUF_SIZE opt_msgbuf.h
|