git: d91839d3e366 - stable/13 - extend description of net.inet.ip.fw.one_pass

[Dmitry Morozovsky]

The branch stable/13 has been updated by marck:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=d91839d3e3664681e9dbed83c751bb16b1500764

commit d91839d3e3664681e9dbed83c751bb16b1500764
Author:     Dmitry Morozovsky <ma...@freebsd.org>
AuthorDate: 2025-07-22 12:32:34 +0000
Commit:     Dmitry Morozovsky <ma...@freebsd.org>
CommitDate: 2025-08-05 05:53:06 +0000

    extend description of net.inet.ip.fw.one_pass
    
    Description of net.inet.ip.fw.one_pass tunable refers only to dummynet(4),
    while in reality is applicable on any divert-like packet action like
    in-kernel nat, netgraph, reass, or similar.
    
    Reviewed by:    ae
    MFC after:      2 weeks
    Differential Revision:  https://reviews.freebsd.org/D51436
---
 sys/netpfil/ipfw/ip_fw2.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/netpfil/ipfw/ip_fw2.c b/sys/netpfil/ipfw/ip_fw2.c
index 5a96872f9c4f..2e306d9e291c 100644
--- a/sys/netpfil/ipfw/ip_fw2.c
+++ b/sys/netpfil/ipfw/ip_fw2.c
@@ -195,7 +195,7 @@ SYSCTL_NODE(_net_inet_ip, OID_AUTO, fw, CTLFLAG_RW | 
CTLFLAG_MPSAFE, 0,
     "Firewall");
 SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, one_pass,
     CTLFLAG_VNET | CTLFLAG_RW | CTLFLAG_SECURE3, &VNET_NAME(fw_one_pass), 0,
-    "Only do a single pass through ipfw when using dummynet(4)");
+    "Only do a single pass through ipfw when using dummynet(4), ipfw_nat or 
other divert(4)-like interfaces");
 SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, autoinc_step,
     CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(autoinc_step), 0,
     "Rule number auto-increment step");