On Mon, 28 Apr 1997 18:22:33 -0700 
 Jonathan Stone <jonathan@DSG.Stanford.EDU> wrote:

 > >From a security perspective, I think the previous behaviour of a
 > statically-configured ipfilter was more correct.  I don't like having
 > to do "ipf -E" either. I think having to do it is a bug.  If I
 > configure ipfilter into a kernel, ipfiltering should be on, unless
 > it's explicitly turned off.

...as the person who made said change, I'd assert that the previous
behavior was at least equally buggy, because it worked only by
sheer chance (due to a namespace collision).

 > How about this for a compromise: go back to the previous "buggy" [sic]
 > behaviour if ipfilter is statically configured, and leave the current
 > behaviour for LKMs?  Using ipfilter as an LKM introduces enough
 > dependencies that dealing with this one too isn't much marginal cost.

If you revert it to the old behavior, I will be at LEAST mildly annoyed.
With the previous behavior, every packet was passed through the
filter rule checker even if no rules had been loaded, and the user
had no intention of loading them.  That's a _bug_.  Also, the calling
convention of the initialization routine was wrong.  That's a _bug_.

If you want the behavior you describe, _please_ implement it as
a kernel compile option, like:

options 	IPF_EARLY_ENABLE	# ipf enabled early, no "ipf -E" req'd.

Jason R. Thorpe                                       thorpej@nas.nasa.gov
NASA Ames Research Center                               Home: 408.866.1912
NAS: M/S 258-6                                          Work: 415.604.0935
Moffett Field, CA 94035                                Pager: 415.428.6939