From owner-freebsd-doc Sun Oct 27 2: 6:13 2002 Delivered-To: freebsd-doc@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9F87D37B401 for ; Sun, 27 Oct 2002 02:06:12 -0800 (PST) Received: from abigail.blackend.org (blackend.org [212.11.50.35]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2C87843E3B for ; Sun, 27 Oct 2002 02:06:09 -0800 (PST) (envelope-from marc@blackend.org) Received: from abigail.blackend.org (localhost [127.0.0.1]) by abigail.blackend.org (8.12.3/8.12.3) with ESMTP id g9RA3GvN034767; Sun, 27 Oct 2002 11:03:16 +0100 (CET) (envelope-from marc@abigail.blackend.org) Received: (from marc@localhost) by abigail.blackend.org (8.12.3/8.12.3/Submit) id g9RA38Qn034766; Sun, 27 Oct 2002 11:03:08 +0100 (CET) (envelope-from marc) Date: Sun, 27 Oct 2002 11:03:08 +0100 From: Marc Fonvieille To: Sue Blake Cc: freebsd-doc@freebsd.org Subject: Re: IPFW doc inconsistency Message-ID: <20021027110308.A34658@abigail.blackend.org> References: <20021027182427.S363@welearn.com.au> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20021027182427.S363@welearn.com.au>; from sue@welearn.com.au on Sun, Oct 27, 2002 at 06:24:28PM +1100 X-Useless-Header: blackend.org X-Operating-System: FreeBSD 4.6-PRERELEASE Sender: owner-freebsd-doc@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sun, Oct 27, 2002 at 06:24:28PM +1100, Sue Blake wrote: > The handbook says that the kernel must be rebuilt before IPFW can > be used, but firewall(7) says that it is not essential to build a > customer(sic) kernel. > That typo was fixed on -CURRENT but never merged :) > I suspect the former gives not quite the whole story, and the latter > has a small typo. Maybe someone more knowledgeable could check whether > I'm reading correctly and fix if necessary? > The Handbook section about ipfw is quite old, so not in sync with "current" FreeBSD. You can now use ipfw as module, a custom kernel is not mandatory for packet filtering but for diverting (NATD) you need a specific kernel (options DIVERT). Marc To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-doc" in the body of the message