From owner-svn-src-all@freebsd.org Tue Sep 3 14:07:39 2019 Return-Path: Delivered-To: svn-src-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 297CDDD04C; Tue, 3 Sep 2019 14:06:51 +0000 (UTC) (envelope-from yuripv@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [96.47.72.132]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46N7zt3Gyqz4Py4; Tue, 3 Sep 2019 14:06:50 +0000 (UTC) (envelope-from yuripv@freebsd.org) Received: by freefall.freebsd.org (Postfix, from userid 1452) id E2E231AC6A; Tue, 3 Sep 2019 14:06:18 +0000 (UTC) X-Original-To: yuripv@localmail.freebsd.org Delivered-To: yuripv@localmail.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [96.47.72.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (Client CN "mx1.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by freefall.freebsd.org (Postfix) with ESMTPS id 3B528150F0; Sun, 14 Apr 2019 12:14:34 +0000 (UTC) (envelope-from owner-src-committers@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [96.47.72.132]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 82AED8EDF7; Sun, 14 Apr 2019 12:14:33 +0000 (UTC) (envelope-from owner-src-committers@freebsd.org) Received: by freefall.freebsd.org (Postfix, from userid 538) id 0D5F8150A0; Sun, 14 Apr 2019 12:14:30 +0000 (UTC) Delivered-To: src-committers@localmail.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [96.47.72.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (Client CN "mx1.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by freefall.freebsd.org (Postfix) with ESMTPS id E3B1B15036 for ; Sun, 14 Apr 2019 12:14:26 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 5C13A8ED3C; Sun, 14 Apr 2019 12:14:26 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 0AA192050E; Sun, 14 Apr 2019 12:14:26 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x3ECEPnq042467; Sun, 14 Apr 2019 12:14:25 GMT (envelope-from ae@FreeBSD.org) Received: (from ae@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id x3ECEPJT042466; Sun, 14 Apr 2019 12:14:25 GMT (envelope-from ae@FreeBSD.org) Message-Id: <201904141214.x3ECEPJT042466@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: ae set sender to ae@FreeBSD.org using -f From: "Andrey V. Elsukov" To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r346208 - stable/11/sbin/ipfw X-SVN-Group: stable-11 X-SVN-Commit-Author: ae X-SVN-Commit-Paths: stable/11/sbin/ipfw X-SVN-Commit-Revision: 346208 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk X-Loop: FreeBSD.org Sender: owner-src-committers@freebsd.org X-Rspamd-Queue-Id: 82AED8EDF7 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.97 / 15.00]; local_wl_from(0.00)[freebsd.org]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; NEURAL_HAM_SHORT(-0.97)[-0.970,0]; ASN(0.00)[asn:11403, ipnet:96.47.64.0/20, country:US]; NEURAL_HAM_LONG(-1.00)[-1.000,0] Status: O X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.29 List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Date: Tue, 03 Sep 2019 14:07:39 -0000 X-Original-Date: Sun, 14 Apr 2019 12:14:25 +0000 (UTC) X-List-Received-Date: Tue, 03 Sep 2019 14:07:39 -0000 Author: ae Date: Sun Apr 14 12:14:25 2019 New Revision: 346208 URL: https://svnweb.freebsd.org/changeset/base/346208 Log: MFC r344709 (by ygy): Fix typos and caps for ipfw(8) man page. PR: 236030 Submitted by: olgeni Modified: stable/11/sbin/ipfw/ipfw.8 Directory Properties: stable/11/ (props changed) Modified: stable/11/sbin/ipfw/ipfw.8 ============================================================================== --- stable/11/sbin/ipfw/ipfw.8 Sun Apr 14 12:11:45 2019 (r346207) +++ stable/11/sbin/ipfw/ipfw.8 Sun Apr 14 12:14:25 2019 (r346208) @@ -1,7 +1,7 @@ .\" .\" $FreeBSD$ .\" -.Dd December 4, 2018 +.Dd March 1, 2019 .Dt IPFW 8 .Os .Sh NAME @@ -1329,11 +1329,11 @@ its use is discouraged. .Brc .Bl -tag -width indent .It Cm any -matches any IP address. +Matches any IP address. .It Cm me -matches any IP address configured on an interface in the system. +Matches any IP address configured on an interface in the system. .It Cm me6 -matches any IPv6 address configured on an interface in the system. +Matches any IPv6 address configured on an interface in the system. The address list is evaluated at the time the packet is analysed. .It Cm table Ns Pq Ar name Ns Op , Ns Ar value @@ -2083,7 +2083,7 @@ The following table types are supported: .It Ar flow-spec : Ar flow-field Ns Op , Ns Ar flow-spec .It Ar flow-field : src-ip | proto | src-port | dst-ip | dst-port .It Cm addr -matches IPv4 or IPv6 address. +Matches IPv4 or IPv6 address. Each entry is represented by an .Ar addr Ns Op / Ns Ar masklen and will match all addresses with base @@ -2097,11 +2097,11 @@ is not specified, it defaults to 32 for IPv4 and 128 f When looking up an IP address in a table, the most specific entry will match. .It Cm iface -matches interface names. +Matches interface names. Each entry is represented by string treated as interface name. Wildcards are not supported. .It Cm number -maches protocol ports, uids/gids or jail IDs. +Matches protocol ports, uids/gids or jail IDs. Each entry is represented by 32-bit unsigned integer. Ranges are not supported. .It Cm flow @@ -2792,7 +2792,7 @@ specifies the quantum (credit) of the scheduler. .Ar m is the number of bytes a queue can serve before being moved to the tail of old queues list. -The default is 1514 bytes, and the maximum accepable value +The default is 1514 bytes, and the maximum acceptable value is 9000 bytes. .It Cm limit .Ar m @@ -2800,14 +2800,14 @@ specifies the hard size limit (in unit of packets) of instance of the scheduler. The default value of .Ar m -is 10240 packets, and the maximum accepable value is 20480 packets. +is 10240 packets, and the maximum acceptable value is 20480 packets. .It Cm flows .Ar m specifies the total number of flow queues (sub-queues) that fq_* creates and manages. By default, 1024 sub-queues are created when an instance of the fq_{codel/pie} scheduler is created. -The maximum accepable value is +The maximum acceptable value is 65536. .El .Pp @@ -2906,7 +2906,7 @@ is the typical queue size for Ethernet devices. Note that for slow speed links you should keep the queue size short or your traffic might be affected by a significant queueing delay. -E.g., 50 max-sized ethernet packets (1500 bytes) mean 600Kbit +E.g., 50 max-sized Ethernet packets (1500 bytes) mean 600Kbit or 20s of queue on a 30Kbit/s pipe. Even worse effects can result if you get packets from an interface with a much larger MTU, e.g.\& the loopback interface @@ -3053,7 +3053,7 @@ De-randomisation is enabled by default. .It Cm onoff enable turning PIE on and off depending on queue load. If this option is enabled, -PIE turnes on when over 1/3 of queue becomes full. +PIE turns on when over 1/3 of queue becomes full. This option is disabled by default. .It Cm dre | ts @@ -4035,7 +4035,7 @@ by adding the following to the appropriate place in ru If your network has network traffic analyzer connected to your host directly via dedicated interface or remotely via RSPAN vlan, you can selectively mirror -some ethernet layer2 frames to the analyzer. +some Ethernet layer2 frames to the analyzer. .Pp First, make sure your firewall is already configured and runs. Then, enable layer2 processing if not already enabled: @@ -4380,7 +4380,7 @@ or it could be split in: .Dl "ipfw nat 5 config redirect_port tcp" .Dl " 192.168.0.1:80,192.168.0.10:22,192.168.0.20:25 500" .Pp -Sometimes you may want to mix NAT and dynamic rules. It could be achived with +Sometimes you may want to mix NAT and dynamic rules. It could be achieved with .Cm record-state and .Cm defer-action @@ -4393,8 +4393,8 @@ rule will be performed as soon as rule is matched. In .Cm allow rule packet need to be passed to NAT, not allowed as soon is possible. .Pp -There is example of set of rules to achive this. Bear in mind that this -is exmaple only and it is not very usefult by itself. +There is example of set of rules to achieve this. Bear in mind that this +is exmaple only and it is not very useful by itself. .Pp On way out, after all checks place this rules: .Pp