From owner-freebsd-doc Fri Dec 28 2: 0: 7 2001 Delivered-To: freebsd-doc@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 6819437B41A for ; Fri, 28 Dec 2001 02:00:01 -0800 (PST) Received: (from gnats@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id fBSA01c98245; Fri, 28 Dec 2001 02:00:01 -0800 (PST) (envelope-from gnats) Received: from riffraff.plig.net (riffraff.plig.net [195.40.6.40]) by hub.freebsd.org (Postfix) with ESMTP id 4D1EC37B416 for ; Fri, 28 Dec 2001 01:50:56 -0800 (PST) Received: by riffraff.plig.net (Postfix, from userid 3010) id 1EFA947C50; Fri, 28 Dec 2001 09:50:55 +0000 (GMT) Message-Id: <20011228095055.1EFA947C50@riffraff.plig.net> Date: Fri, 28 Dec 2001 09:50:55 +0000 (GMT) From: Marc Silver Reply-To: Marc Silver To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.113 Subject: docs/33270: MAINTAINER UPDATE: document changes to dialup firewall article Sender: owner-freebsd-doc@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >Number: 33270 >Category: docs >Synopsis: MAINTAINER UPDATE: document changes to dialup firewall article >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-doc >State: open >Quarter: >Keywords: >Date-Required: >Class: doc-bug >Submitter-Id: current-users >Arrival-Date: Fri Dec 28 02:00:01 PST 2001 >Closed-Date: >Last-Modified: >Originator: Marc Silver >Release: FreeBSD 4.3-STABLE i386 >Organization: >Environment: System: FreeBSD riffraff.plig.net 4.3-STABLE FreeBSD 4.3-STABLE #3: Thu Jul 12 16:56:00 BST 2001 shastie@riffraff.plig.net:/usr/src/sys/compile/RIFFRAFF i386 >Description: Firewall rules could potentially confuse readers by including rule numbers. I have removed these. >How-To-Repeat: >Fix: Please apply the following patch to the article: --- article.sgml.orig Thu Dec 27 20:55:36 2001 +++ article.sgml Thu Dec 27 20:56:13 2001 @@ -229,10 +229,10 @@ # Allow ICMP (for ping and traceroute to work). You may wish to # disallow this, but I feel it suits my needs to keep them in. -$fwcmd add 65435 allow icmp from any to any +$fwcmd add allow icmp from any to any # Deny all the rest. -$fwcmd add 65435 deny log ip from any to any +$fwcmd add deny log ip from any to any You now have a fully functional firewall that will allow on connections to ports 80 and 22 and will log any other connection >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-doc" in the body of the message