From owner-svn-doc-all@freebsd.org Mon Jan 28 12:37:46 2019
Return-Path:
Delivered-To: svn-doc-all@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mailman.ysv.freebsd.org (Postfix) with ESMTP id 56C7914B24FD;
Mon, 28 Jan 2019 12:37:46 +0000 (UTC)
(envelope-from dbaio@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
[IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
server-signature RSA-PSS (4096 bits)
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org",
Issuer "Let's Encrypt Authority X3" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id F01B789B0A;
Mon, 28 Jan 2019 12:37:45 +0000 (UTC)
(envelope-from dbaio@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
[IPv6:2610:1c1:1:6068::e6a:0])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id DBACD1FB79;
Mon, 28 Jan 2019 12:37:45 +0000 (UTC)
(envelope-from dbaio@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x0SCbjkY042845;
Mon, 28 Jan 2019 12:37:45 GMT (envelope-from dbaio@FreeBSD.org)
Received: (from dbaio@localhost)
by repo.freebsd.org (8.15.2/8.15.2/Submit) id x0SCbjeX042844;
Mon, 28 Jan 2019 12:37:45 GMT (envelope-from dbaio@FreeBSD.org)
Message-Id: <201901281237.x0SCbjeX042844@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: dbaio set sender to
dbaio@FreeBSD.org using -f
From: "Danilo G. Baio"
Date: Mon, 28 Jan 2019 12:37:45 +0000 (UTC)
To: doc-committers@freebsd.org, svn-doc-all@freebsd.org,
svn-doc-head@freebsd.org
Subject: svn commit: r52785 - head/en_US.ISO8859-1/books/handbook/firewalls
X-SVN-Group: doc-head
X-SVN-Commit-Author: dbaio
X-SVN-Commit-Paths: head/en_US.ISO8859-1/books/handbook/firewalls
X-SVN-Commit-Revision: 52785
X-SVN-Commit-Repository: doc
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: F01B789B0A
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [-2.96 / 15.00];
local_wl_from(0.00)[FreeBSD.org];
NEURAL_HAM_MEDIUM(-1.00)[-0.998,0];
NEURAL_HAM_SHORT(-0.97)[-0.967,0];
ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US];
NEURAL_HAM_LONG(-1.00)[-1.000,0]
X-BeenThere: svn-doc-all@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "SVN commit messages for the entire doc trees \(except for "
user" , " projects" , and " translations"
\)"
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Mon, 28 Jan 2019 12:37:46 -0000
Author: dbaio (ports committer)
Date: Mon Jan 28 12:37:45 2019
New Revision: 52785
URL: https://svnweb.freebsd.org/changeset/doc/52785
Log:
handbook: Improve Firewalls chapter
- Fix some dead links and punctuations
- pfctl_parser.c was moved to a new location since FreeBSD 10
- Fix a few service commands
Issues found when translating this chapter to pt_BR.
Reviewed by: bcr
Approved by: doc (bcr)
Differential Revision: https://reviews.freebsd.org/D18981
Modified:
head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml
Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml
==============================================================================
--- head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Sun Jan 27 01:50:51 2019 (r52784)
+++ head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Mon Jan 28 12:37:45 2019 (r52785)
@@ -173,8 +173,8 @@
and do a port number lookup to find the purpose of a particular
port number.
- Check out this link for port numbers used by Trojans http://www.sans.org/security-resources/idfaq/oddports.php.
+ Check out this link for port numbers used by Trojans.FTP has two modes: active mode and passive mode. The
difference is in how the data channel is acquired. Passive
@@ -606,8 +606,8 @@ options ALTQ_PRIQ # Priority Queuing (PR
More information about the scheduling
- algorithms and example rulesets are available at http://www.openbsd.org/faq/pf/queueing.html.
+ algorithms and example rulesets are available at the OpenBSD's web archive.
@@ -831,7 +831,7 @@ pass from { lo0, $localnet } to any keep state
A few other pass rules may be needed. This one enables
- SSH on the external interface::
+ SSH on the external interface:
pass in inet proto tcp to $ext_if port ssh
@@ -1009,7 +1009,7 @@ pass inet proto icmp from any to $ext_if keep state
If other types of ICMP packets are
needed, expand icmp_types to a list of
those packet types. Type more
- /usr/src/contrib/pf/pfctl/pfctl_parser.c to see
+ /usr/src/sbin/pfctl/pfctl_parser.c to see
the list of ICMP message types supported
by PF. Refer to http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml
@@ -1417,7 +1417,7 @@ rdr pass on $ext_if inet proto tcp from !<spamd-whi
When finished, reload the ruleset, start
spamd by typing
- service start obspamd, and complete
+ service obspamd start, and complete
the configuration using spamd-setup.
Finally, create a &man.cron.8; job which calls
spamd-setup to update the tables at
@@ -1472,8 +1472,8 @@ rdr pass on $ext_if inet proto tcp from !<spamd-whi
To complete the greylisting setup:
- &prompt.root; service restart obspamd
-&prompt.root; service start spamlogd
+ &prompt.root; service obspamd restart
+&prompt.root; service obspamlogd start
@@ -2164,7 +2164,7 @@ pif="dc0" # interface name of NIC attached to Inte
LAN should be assigned an
IP address in the private network space, as
defined by RFC
+ xlink:href="https://www.ietf.org/rfc/rfc1918.txt">RFC
1918, and have the default gateway set to the
&man.natd.8; system's internal IP
address.
@@ -2365,7 +2365,7 @@ good_tcpo="22,25,37,53,80,443,110"
configuration file.
For further configuration options, consult
- &man.natd.8;
+ &man.natd.8;.