Actions
Todo #5370
closedReview usage of IPsec-related sysctl OIDs in GUI and backend code
Start date:
11/03/2015
Due date:
% Done:
100%
Estimated time:
Plus Target Version:
Release Notes:
Description
2.3 will have less sysctl OIDs with the various changes made to FreeBSD along the way. We need to review the sysctls modified by the IPsec code in various places (e.g. /etc/inc/vpn.inc) to make sure they still exist or are necessary. In particular, net.inet.ip.ipsec_in_use and net.inet.ip.fastforwarding should not be present or used on 2.3
Updated by Luiz Souza about 9 years ago
- Status changed from New to Feedback
- % Done changed from 0 to 100
2.3 code was reviewed, no further use cases were found.
Updated by Chris Buechler about 9 years ago
- Status changed from Feedback to Assigned
I removed fastforwarding from config upgrade code. Looks like that was the last remnant of these.
We need config upgrade code to unset $config['sysctl']['item'][x]['tunable'] = "net.inet.ip.fastforwarding"
to remove it from upgraded configs.
Updated by Luiz Souza about 9 years ago
- Status changed from Assigned to Resolved
Added the upgrade code to unset "net.inet.ip.fastforwarding" when necessary.
Actions