diff options
author | rik <rik@FreeBSD.org> | 2008-09-06 16:47:07 +0000 |
---|---|---|
committer | rik <rik@FreeBSD.org> | 2008-09-06 16:47:07 +0000 |
commit | 8075e22678639c560edbc9838a84a9ec65eb813d (patch) | |
tree | 4fc63df8c359cc4ac902bc75a03ed9101eb73330 /sys/netinet/ip_fw2.c | |
parent | 078503b2138ae4c2469808dc1c296ef0a2cf3e86 (diff) | |
download | FreeBSD-src-8075e22678639c560edbc9838a84a9ec65eb813d.zip FreeBSD-src-8075e22678639c560edbc9838a84a9ec65eb813d.tar.gz |
Export the IPFW_DEFAULT_RULE outside ip_fw2.c. This number in not only
the default rule number but also the maximum rule number. User space
software such as ipfw and natd should be aware of its value. The
software that already includes ip_fw.h should use the defined value. All
other a expected to use sysctl (as discussed on net@).
MFC after: 5 days.
Discussed on: net@
Diffstat (limited to 'sys/netinet/ip_fw2.c')
-rw-r--r-- | sys/netinet/ip_fw2.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/sys/netinet/ip_fw2.c b/sys/netinet/ip_fw2.c index 1f316c4..a131ae8 100644 --- a/sys/netinet/ip_fw2.c +++ b/sys/netinet/ip_fw2.c @@ -122,7 +122,6 @@ static int verbose_limit; static struct callout ipfw_timeout; static uma_zone_t ipfw_dyn_rule_zone; -#define IPFW_DEFAULT_RULE 65535 /* * Data structure to cache our ucred related @@ -180,6 +179,8 @@ SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, verbose, &fw_verbose, 0, "Log matches to ipfw rules"); SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, verbose_limit, CTLFLAG_RW, &verbose_limit, 0, "Set upper limit of matches of ipfw rules logged"); +SYSCTL_UINT(_net_inet_ip_fw, OID_AUTO, default_rule, CTLFLAG_RD, + NULL, IPFW_DEFAULT_RULE, "The default/max possible rule number."); /* * Description of dynamic rules. |