Subject: order in rc.d/sysctl
To: None <>
From: Markus Kurek <>
List: current-users
Date: 07/16/2000 22:32:59

Is there a specific reason we raise the kernel securelevel
in /etc/rc.d/sysctl before the sysctl variables are set?

With a "secure" kernel it is impossible to change 
net.inet.ip.forwsrcrt and perhaps some more variables
defined in /etc/sysctl.conf .

Or should I define this in the kernel option file?
Is this the "right" way?

Why do we forbid changing this variable at all?
With securelevel=1 I can change  net.inet.ip.forwarding
net.inet.ip.allowsrcrt  and many more important settings.

Markus Kurek