From owner-freebsd-doc  Sun Oct 27  9:12: 0 2002
Delivered-To: freebsd-doc@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 796F637B401; Sun, 27 Oct 2002 09:11:59 -0800 (PST)
Received: from www.reppep.com (www.reppep.com [66.92.104.200])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 47A6643E42; Sun, 27 Oct 2002 09:11:55 -0800 (PST)
	(envelope-from pepper@reppep.com)
Received: from [66.92.104.201] (g4.reppep.com [66.92.104.201])
	by www.reppep.com (Postfix) with ESMTP
	id B62FEAC58; Sun, 27 Oct 2002 12:11:52 -0500 (EST)
Mime-Version: 1.0
X-Sender: pepper@mail.reppep.com
Message-Id: <p05300702b9e1cdced749@[66.92.104.201]>
In-Reply-To: <20021027110308.A34658@abigail.blackend.org>
References: <20021027182427.S363@welearn.com.au>
 <20021027110308.A34658@abigail.blackend.org>
Date: Sun, 27 Oct 2002 12:08:52 -0500
To: Marc Fonvieille <blackend@freebsd.org>
From: Chris Pepper <pepper@reppep.com>
Subject: Re: IPFW doc inconsistency
Cc: Sue Blake <sue@welearn.com.au>, freebsd-doc@freebsd.org
Content-Type: text/plain; charset="us-ascii" ; format="flowed"
Sender: owner-freebsd-doc@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-doc.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-doc>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-doc>
X-Loop: FreeBSD.org

At 11:03 AM +0100 2002/10/27, Marc Fonvieille wrote:
>On Sun, Oct 27, 2002 at 06:24:28PM +1100, Sue Blake wrote:
>>  The handbook says that the kernel must be rebuilt before IPFW can
>>  be used, but firewall(7) says that it is not essential to build a
>>  customer(sic) kernel.
>>
>
>That typo was fixed on -CURRENT but never merged :)
>
>>  I suspect the former gives not quite the whole story, and the latter
>>  has a small typo. Maybe someone more knowledgeable could check whether
>>  I'm reading correctly and fix if necessary?
>>
>
>The Handbook section about ipfw is quite old, so not in sync with
>"current" FreeBSD.
>You can now use ipfw as module, a custom kernel is not mandatory for
>packet filtering but for diverting (NATD) you need a specific kernel
>(options DIVERT).

	FYI, I am most of the way through working up a change to 
ipfw.8 and partway through a Handbook section on how to enable 
through rc.conf.


						Chris
-- 
Chris Pepper:               <http://www.reppep.com/~pepper/>
Rockefeller University:     <http://www.rockefeller.edu/>

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-doc" in the body of the message