From owner-freebsd-doc@FreeBSD.ORG Wed Feb 16 15:09:12 2005 Return-Path: Delivered-To: freebsd-doc@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4BF8716A4CE for ; Wed, 16 Feb 2005 15:09:12 +0000 (GMT) Received: from volginfo.ru (ns.volginfo.ru [217.23.84.100]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6C33643D49 for ; Wed, 16 Feb 2005 15:09:11 +0000 (GMT) (envelope-from den@FreeBSD.org) Received: from [192.168.1.32] (llp-13.vistcom.ru [217.23.84.68]) by volginfo.ru (Postfix) with ESMTP id 0ADE8200F for ; Wed, 16 Feb 2005 18:09:12 +0300 (MSK) Message-ID: <42136211.9080908@FreeBSD.org> Date: Wed, 16 Feb 2005 18:09:05 +0300 From: Denis Peplin User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.2) Gecko/20041008 X-Accept-Language: ru, en-us, en MIME-Version: 1.0 To: freebsd-doc@FreeBSD.org Content-Type: multipart/mixed; boundary="------------030708020409070301050504" Subject: [PATCH] handbook/firewalls: rewrite warning X-BeenThere: freebsd-doc@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Documentation project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Feb 2005 15:09:12 -0000 This is a multi-part message in MIME format. --------------030708020409070301050504 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Hello! Some parts of handbook's firewall chapter still can mislead some users. Patch (attached) mostly obtained from security chapter, rev. 1.229 I will apply this small patch to current firewalls sections after 2 days, if no objections. Thanks! --------------030708020409070301050504 Content-Type: text/plain; name="firewalls.diff" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="firewalls.diff" Index: firewalls/chapter.sgml =================================================================== RCS file: /home/dcvs/doc/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml,v retrieving revision 1.34 diff -u -r1.34 chapter.sgml --- firewalls/chapter.sgml 15 Feb 2005 15:09:42 -0000 1.34 +++ firewalls/chapter.sgml 16 Feb 2005 14:59:10 -0000 @@ -950,13 +950,12 @@ sets and is the only rule set type covered herein. - When working with the firewall rules, always, - always do it on the console of the system running the - firewall or you can end up locking your self out. - Alternatively, you may setup a cronjob to flush the - firewall rules say every five minutes. - This may not be acceptable for a corporate firewall, - but should be ok for a home firewall. + When working with the firewall rules, be + very careful. Some configurations + will lock yourself out of the server. + To be on the safe side, you may wish to consider performing + the initial firewall configuration from the local console + rather than via ssh. --------------030708020409070301050504--