Hello,

Is there a specific reason we raise the kernel securelevel
in /etc/rc.d/sysctl before the sysctl variables are set?

With a "secure" kernel it is impossible to change 
net.inet.ip.forwsrcrt and perhaps some more variables
defined in /etc/sysctl.conf .

Or should I define this in the kernel option file?
Is this the "right" way?

Why do we forbid changing this variable at all?
With securelevel=1 I can change  net.inet.ip.forwarding
net.inet.ip.allowsrcrt  and many more important settings.

--
Markus Kurek