From owner-freebsd-doc@FreeBSD.ORG  Thu Nov  9 13:44:31 2006
Return-Path: <owner-freebsd-doc@FreeBSD.ORG>
X-Original-To: doc@FreeBSD.org
Delivered-To: freebsd-doc@FreeBSD.ORG
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id E923816A403
	for <doc@FreeBSD.org>; Thu,  9 Nov 2006 13:44:31 +0000 (UTC)
	(envelope-from info@bozza.ru)
Received: from comanche.metrocom.ru (comanche.metrocom.ru [195.5.128.155])
	by mx1.FreeBSD.org (Postfix) with ESMTP id C359F43E4C
	for <doc@FreeBSD.org>; Thu,  9 Nov 2006 13:42:44 +0000 (GMT)
	(envelope-from info@bozza.ru)
Received: from [213.182.178.180] ([213.182.178.180])
	by comanche.metrocom.ru (8.13.7/8.13.7) with ESMTP id kA9DgLfa077626
	for <doc@FreeBSD.org>; Thu, 9 Nov 2006 16:42:31 +0300 (MSK)
Date: Thu, 9 Nov 2006 16:42:13 +0300
From: info@bozza.ru
X-Mailer: The Bat! (v3.80.06) Professional
X-Priority: 3 (Normal)
Message-ID: <1598448522.20061109164214@bozza.ru>
To: doc@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=windows-1251
Content-Transfer-Encoding: quoted-printable
X-Virus-Scanned: ClamAV version 0.88.6,
	clamav-milter version 0.88.6 on comanche.metrocom.ru
X-Virus-Status: Clean
X-Mailman-Approved-At: Thu, 09 Nov 2006 14:18:32 +0000
Cc: 
Subject: about 26.6 IPFW
X-BeenThere: freebsd-doc@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: info@bozza.ru
List-Id: Documentation project <freebsd-doc.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-doc>,
	<mailto:freebsd-doc-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-doc>
List-Post: <mailto:freebsd-doc@freebsd.org>
List-Help: <mailto:freebsd-doc-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-doc>,
	<mailto:freebsd-doc-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Nov 2006 13:44:32 -0000

Hallo!

I'm Ilya, from Russia

I have small question about the page http://www.freebsd.org/doc/en_US.ISO88=
59-1/books/handbook/firewalls-ipfw.html:

I preferred this manual and always use it as a basic step.

I use config like the example in Example Ruleset #2 at the end of the page,
but it doesn't work without:

1. in /etc/rc.conf:
       firewall_type=3D"/usr/local/etc/firewall.conf"

       /usr/local/etc/firewall.conf:

             #xl1 - outside interface
             #xl0 - inner interface
             add allow ip from any to any via lo0
             add deny ip from any to 127.0.0.0/8
             add deny ip from 127.0.0.0/8 to any
             add divert natd all from any to any via xl1
             add allow all from any to any

I don't know, but may be it is needing to add on this manual?

=D1 =F3=E2=E0=E6=E5=ED=E8=E5=EC,
=C8=E2=E0=ED=EE=E2 =C8=EB=FC=FF
email: info@bozza.ru=20