From 71112b5a8eb3a8cd3f5d49eff9664a32fec42b56 Mon Sep 17 00:00:00 2001
From: ae <ae@FreeBSD.org>
Date: Thu, 25 Oct 2012 09:39:14 +0000
Subject: Remove the IPFIREWALL_FORWARD kernel option and make possible to turn
 on the related functionality in the runtime via the sysctl variable
 net.pfil.forward. It is turned off by default.

Sponsored by:	Yandex LLC
Discussed with:	net@
MFC after:	2 weeks
---
 sys/conf/NOTES | 7 -------
 1 file changed, 7 deletions(-)

(limited to 'sys/conf/NOTES')

diff --git a/sys/conf/NOTES b/sys/conf/NOTES
index 6d4ea53..aaf4c98 100644
--- a/sys/conf/NOTES
+++ b/sys/conf/NOTES
@@ -897,12 +897,6 @@ device		lagg
 # IPDIVERT enables the divert IP sockets, used by ``ipfw divert''.  It
 # depends on IPFIREWALL if compiled into the kernel.
 #
-# IPFIREWALL_FORWARD enables changing of the packet destination either
-# to do some sort of policy routing or transparent proxying.  Used by
-# ``ipfw forward''. All  redirections apply to locally generated
-# packets too.  Because of this great care is required when
-# crafting the ruleset.
-#
 # IPFIREWALL_NAT adds support for in kernel nat in ipfw, and it requires
 # LIBALIAS.
 #
@@ -923,7 +917,6 @@ options 	IPFIREWALL		#firewall
 options 	IPFIREWALL_VERBOSE	#enable logging to syslogd(8)
 options 	IPFIREWALL_VERBOSE_LIMIT=100	#limit verbosity
 options 	IPFIREWALL_DEFAULT_TO_ACCEPT	#allow everything by default
-options 	IPFIREWALL_FORWARD	#packet destination changes
 options 	IPFIREWALL_NAT		#ipfw kernel nat support
 options 	IPDIVERT		#divert sockets
 options 	IPFILTER		#ipfilter support
-- 
cgit v1.1