From 60e4181ca9ac8dbd1acb6baf85b42b0666aa56b7 Mon Sep 17 00:00:00 2001
From: Eric Garver <eric@garver.life>
Date: Wed, 19 May 2021 12:52:52 -0400
Subject: [PATCH 30/30] improvement(conf): note that IPv6_rpfilter has a
 performance penalty

(cherry picked from commit cf8e0df944322f1ad283946c64bf7f933c25340d)
(cherry picked from commit 1a8bb7e5dcee3bcd691219104427daf39ead1f82)
---
 config/firewalld.conf | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/config/firewalld.conf b/config/firewalld.conf
index f791b2358ab8..a0556c0bbf5b 100644
--- a/config/firewalld.conf
+++ b/config/firewalld.conf
@@ -23,6 +23,8 @@ Lockdown=no
 # packet would be sent via the same interface that the packet arrived on, the 
 # packet will match and be accepted, otherwise dropped.
 # The rp_filter for IPv4 is controlled using sysctl.
+# Note: This feature has a performance impact. See man page FIREWALLD.CONF(5)
+# for details.
 # Default: yes
 IPv6_rpfilter=yes
 
-- 
2.27.0