From owner-svn-doc-all@freebsd.org Mon Jan 28 12:37:46 2019 Return-Path: Delivered-To: svn-doc-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 56C7914B24FD; Mon, 28 Jan 2019 12:37:46 +0000 (UTC) (envelope-from dbaio@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id F01B789B0A; Mon, 28 Jan 2019 12:37:45 +0000 (UTC) (envelope-from dbaio@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id DBACD1FB79; Mon, 28 Jan 2019 12:37:45 +0000 (UTC) (envelope-from dbaio@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x0SCbjkY042845; Mon, 28 Jan 2019 12:37:45 GMT (envelope-from dbaio@FreeBSD.org) Received: (from dbaio@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x0SCbjeX042844; Mon, 28 Jan 2019 12:37:45 GMT (envelope-from dbaio@FreeBSD.org) Message-Id: <201901281237.x0SCbjeX042844@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: dbaio set sender to dbaio@FreeBSD.org using -f From: "Danilo G. Baio" Date: Mon, 28 Jan 2019 12:37:45 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r52785 - head/en_US.ISO8859-1/books/handbook/firewalls X-SVN-Group: doc-head X-SVN-Commit-Author: dbaio X-SVN-Commit-Paths: head/en_US.ISO8859-1/books/handbook/firewalls X-SVN-Commit-Revision: 52785 X-SVN-Commit-Repository: doc MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: F01B789B0A X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.96 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_MEDIUM(-1.00)[-0.998,0]; NEURAL_HAM_SHORT(-0.97)[-0.967,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]; NEURAL_HAM_LONG(-1.00)[-1.000,0] X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Jan 2019 12:37:46 -0000 Author: dbaio (ports committer) Date: Mon Jan 28 12:37:45 2019 New Revision: 52785 URL: https://svnweb.freebsd.org/changeset/doc/52785 Log: handbook: Improve Firewalls chapter - Fix some dead links and punctuations - pfctl_parser.c was moved to a new location since FreeBSD 10 - Fix a few service commands Issues found when translating this chapter to pt_BR. Reviewed by: bcr Approved by: doc (bcr) Differential Revision: https://reviews.freebsd.org/D18981 Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Sun Jan 27 01:50:51 2019 (r52784) +++ head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Mon Jan 28 12:37:45 2019 (r52785) @@ -173,8 +173,8 @@ and do a port number lookup to find the purpose of a particular port number. - Check out this link for port numbers used by Trojans http://www.sans.org/security-resources/idfaq/oddports.php. + Check out this link for port numbers used by Trojans. FTP has two modes: active mode and passive mode. The difference is in how the data channel is acquired. Passive @@ -606,8 +606,8 @@ options ALTQ_PRIQ # Priority Queuing (PR More information about the scheduling - algorithms and example rulesets are available at http://www.openbsd.org/faq/pf/queueing.html. + algorithms and example rulesets are available at the OpenBSD's web archive. @@ -831,7 +831,7 @@ pass from { lo0, $localnet } to any keep state A few other pass rules may be needed. This one enables - SSH on the external interface:: + SSH on the external interface: pass in inet proto tcp to $ext_if port ssh @@ -1009,7 +1009,7 @@ pass inet proto icmp from any to $ext_if keep state

If other types of ICMP packets are needed, expand icmp_types to a list of those packet types. Type more - /usr/src/contrib/pf/pfctl/pfctl_parser.c to see + /usr/src/sbin/pfctl/pfctl_parser.c to see the list of ICMP message types supported by PF. Refer to http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml @@ -1417,7 +1417,7 @@ rdr pass on $ext_if inet proto tcp from !<spamd-whi When finished, reload the ruleset, start spamd by typing - service start obspamd, and complete + service obspamd start, and complete the configuration using spamd-setup. Finally, create a &man.cron.8; job which calls spamd-setup to update the tables at @@ -1472,8 +1472,8 @@ rdr pass on $ext_if inet proto tcp from !<spamd-whi To complete the greylisting setup: - &prompt.root; service restart obspamd -&prompt.root; service start spamlogd + &prompt.root; service obspamd restart +&prompt.root; service obspamlogd start @@ -2164,7 +2164,7 @@ pif="dc0" # interface name of NIC attached to Inte LAN should be assigned an IP address in the private network space, as defined by RFC + xlink:href="https://www.ietf.org/rfc/rfc1918.txt">RFC 1918, and have the default gateway set to the &man.natd.8; system's internal IP address. @@ -2365,7 +2365,7 @@ good_tcpo="22,25,37,53,80,443,110" configuration file. For further configuration options, consult - &man.natd.8; + &man.natd.8;.