From: Stefan Esser
Date: Wed, 24 Jul 2013 08:36:29 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject: svn commit: r253597 - head/sbin/ipfw
Message-Id: <201307240836.r6O8aT7V080166@svn.freebsd.org>

Author: se
Date: Wed Jul 24 08:36:29 2013
New Revision: 253597
URL: http://svnweb.freebsd.org/changeset/base/253597

Log:
  Remove duplicated paragraph.

  MFC after: 3 days

Modified:
  head/sbin/ipfw/ipfw.8

Modified: head/sbin/ipfw/ipfw.8 ============================================================================== --- head/sbin/ipfw/ipfw.8 Wed Jul 24 08:02:56 2013 (r253596) +++ head/sbin/ipfw/ipfw.8 Wed Jul 24 08:36:29 2013 (r253597) 
@@ -3049,16 +3049,6 @@ option could be used to (re)mark user tr by adding the following to the appropriate place in ruleset: .Pp .Dl "ipfw add setdscp be ip from any to any dscp af11,af21" -.Pp -This rule drops all incoming packets that appear to be coming from another -directly connected system but on the wrong interface. -For example, a packet with a source address of -.Li 192.168.0.0/24 , -configured on -.Li fxp0 , -but coming in on -.Li fxp1 -would be dropped. .Ss DYNAMIC RULES In order to protect a site from flood attacks involving fake TCP packets, it is safer to use dynamic rules:
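Review bot: the log calls the removed `.Pp` block a duplicate, but this hunk shows only the one copy, so the surviving copy cannot be checked from the diff. The removed text (packets from 192.168.0.0/24, configured on fxp0, arriving on fxp1 being dropped) describes an anti-spoofing drop rule and does not match the `setdscp` `.Dl` example it follows, so deleting it at this spot is right. Before the MFC, please confirm that the other copy is still in place next to the rule it actually documents, otherwise that explanation disappears from the manual. Also, the diff as shown has no second hunk touching the page's `.Dd` date; if the project expects a date bump for content changes to a man page, it is missing here.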