From owner-freebsd-doc  Fri Mar  8 14: 0:12 2002
Delivered-To: freebsd-doc@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id E91F637B419
	for <freebsd-doc@freebsd.org>; Fri,  8 Mar 2002 14:00:02 -0800 (PST)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.11.6/8.11.6) id g28M02G94436;
	Fri, 8 Mar 2002 14:00:02 -0800 (PST)
	(envelope-from gnats)
Received: from lists.blarg.net (lists.blarg.net [206.124.128.17])
	by hub.freebsd.org (Postfix) with ESMTP id C19B037B404
	for <FreeBSD-gnats-submit@freebsd.org>; Fri,  8 Mar 2002 13:58:54 -0800 (PST)
Received: from thig.blarg.net (thig.blarg.net [206.124.128.18])
	by lists.blarg.net (Postfix) with ESMTP id 78C9DBD95
	for <FreeBSD-gnats-submit@freebsd.org>; Fri,  8 Mar 2002 13:58:54 -0800 (PST)
Received: from localhost.localdomain ([206.124.139.115])
	by thig.blarg.net (8.9.3/8.9.3) with ESMTP id NAA30199
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 8 Mar 2002 13:58:54 -0800
Received: (from jojo@localhost)
	by localhost.localdomain (8.11.6/8.11.3) id g28M2QZ00912;
	Fri, 8 Mar 2002 14:02:26 -0800 (PST)
	(envelope-from swear@blarg.net)
Message-Id: <3ag03ag1l9.03a@localhost.localdomain>
Date: 08 Mar 2002 14:02:26 -0800
From: "Gary W. Swearingen" <swear@blarg.net>
Reply-To: swear@blarg.net
To: FreeBSD-gnats-submit@freebsd.org
Subject: docs/35686: blackhole(4) page seems to contradict itself in WARNING
Sender: owner-freebsd-doc@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-doc.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-doc>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-doc>
X-Loop: FreeBSD.org


>Number:         35686
>Category:       docs
>Synopsis:       blackhole(4) page seems to contradict itself in WARNING
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-doc
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          doc-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Mar 08 14:00:02 PST 2002
>Closed-Date:
>Last-Modified:
>Originator:     Gary W. Swearingen
>Release:        FreeBSD 4.5-STABLE i386
>Organization:
none
>Environment:
n/a
================
>Description:

The "warnings" section of the blackhole(4) man page has these two
statements:

    In order to create a highly secure system, ipfw(8) should be used
    for protection, not the blackhole feature.

    This mechanism is not a substitute for securing a system.  It should
    be used together with other security mechanisms.

The first implies that blackhole shouldn't be used with, say, ipfw,
while the second implies that it should.  It needs clarification.

================
>How-To-Repeat:
n/a
================
>Fix:
?

>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-doc" in the body of the message