Date: Sun, 23 Jun 1996 09:44:16 -0600 From: Nate Williams <nate@sri.MT.net> To: nash@mcs.com Cc: freebsd-security@FreeBSD.org, gpalmer@FreeBSD.org, taob@io.org Subject: Re: IPFW documentation Message-ID: <199606231544.JAA18001@rocky.sri.MT.net> In-Reply-To: <199606221938.OAA12916@zen.nash.org> References: <199606221938.OAA12916@zen.nash.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Alex Nash writes: > > > I'm setting up a FreeBSD-based firewall here, and my original plan > > > was to go with IPFW in the kernel. However, it seems there isn't any > > > recent documentation for it (both the man page and the handbook entry > > > are out of date). > > > > I thought Alex Nash recently updated both? Have you tried our WWW > > pages to get the latest version? > > :( Unfortunately not. When I submitted my ipfw changes into -current, > my understanding was that 2.1.5 was about 2 weeks from being solidified. > The dilemma was whether I should risk bringing in mass changes into > -stable. After discussing this with Poul, I decided against doing so. I *sort of* agree. The problem is that both the man pages and the documentation we have is *wrong* and out of date. There have been *many* changes made to both the kernel and user-land code, but there has been *NO* documentation of it. >From /sys/netinet/ip_fw.c revision 1.14.4.7 date: 1996/05/06 20:32:01; author: phk; state: Exp; lines: +18 -14 Merge from head. >From ipfw.8 revision 1.7.4.6 date: 1996/02/26 15:26:59; author: phk; state: Exp; lines: +194 -29 Update to lates reality. We've got a problem here. I consider this a *bug*, and a critical one at that, especially given our potential customer base. The people most likely to use 2.1.5 are ISP's and such, who have both a need and a desire for the functionality of IPFW. > -stable has all the latest bug fixes, but lacks the updated > documentation. I'm sitting on some handbook changes because I didn't > want the handbook to *seem* up to date, but really only cover -current. What about the man-pages & the stuff in /etc? Are they correct and up to date? Even if the handbook stuff isn't correct, the on-line stuff should at least be somewhat correct. > If anyone has suggestions on where we should take -stable, I'd be > happy to hear them. If it looks like 2.1.5 will be delayed long > enough, we can see about bringing -stable up to the level of -current. We have until Tuesday to get things at least somewhat 'sane'. Please can you take the time to document what exists in -stable!?!? Nate
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199606231544.JAA18001>