FreeBSD Bugzilla – Attachment 16238 Details for
Bug 29842
Stilted language and improper puncuation in Dialup firewalling with FreeBSD article
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
file.diff
file.diff (text/plain), 6.65 KB, created by
Charlie &
on 2001-08-18 04:10:01 UTC
(
hide
)
Description:
file.diff
Filename:
MIME Type:
Creator:
Charlie &
Created:
2001-08-18 04:10:01 UTC
Size:
6.65 KB
patch
obsolete
>--- article.sgml.orig Fri Aug 17 13:40:05 2001 >+++ article.sgml Fri Aug 17 14:56:16 2001 >@@ -39,23 +39,22 @@ > > <para>Dialup Firewalling with FreeBSD</para> > >- <para>This document aims to cover the process that is required in >- order to setup firewalling with FreeBSD when are dynamically >- assigned an IP address by your ISP. While every effort has been >- made to make this document as informative and correct as possible, >- you are welcome to mail your comments/suggestions to the >- <email>marcs@draenor.org</email>.</para> >+ <para>This document covers the process that is required to setup >+ firewalling with FreeBSD when an IP address is assigned dynamically >+ by your ISP. While every effort has been made to make this document >+ as informative and correct as possible, you are welcome to mail your >+ comments/suggestions to the <email>marcs@draenor.org</email>.</para> > </sect1> > > <sect1 id="kernel"> > <title>Kernel Options</title> > >- <para>The first thing you'll need to do is recompile your kernel in >- FreeBSD. If you need more information on how to recompile the kernel, >+ <para>The first thing you'll need to do is recompile your kernel. >+ If you need more information on how to recompile the kernel, > then the best place to start is the <ulink > URL="http://www.freebsd.org/handbook/kernelconfig.html">kernel >- configuration section in the Handbook</ulink>. You need to compile the >- following options into the kernel: </para> >+ configuration section in the Handbook</ulink>. You need to add the >+ following options into your kernel config: </para> > > <variablelist> > <varlistentry> >@@ -80,7 +79,7 @@ > > <listitem> > <para>Limits the number of times a matching entry is logged. This >- stops your log files filling up with lots of repetitive entries. >+ prevents your log file from filling up with lots of repetitive entries. > <replaceable>100</replaceable> is a reasonable number to use, but > you can adjust it based on your requirements.</para> > </listitem> >@@ -96,7 +95,7 @@ > </varlistentry> > </variablelist> > >- <para>There are also some other OPTIONAL items that you can compile >+ <para>There are some other OPTIONAL items that you can compile > into the kernel for some added security. These are not required in > order to get firewalling to work, but some more paranoid users may > want to use them.</para> >@@ -115,8 +114,8 @@ > </varlistentry> > </variablelist> > >- <para>Don't reboot once you have recompiled the kernel. Hopefully, we will >- need to reboot just once in order to complete the installing of the >+ <para>Don't reboot once you have recompiled the kernel. Hopefully, >+ we will only need to reboot once to complete the installation of the > firewall.</para> > </sect1> > >@@ -126,7 +125,7 @@ > > <para>We now need to make some changes to > <filename>/etc/rc.conf</filename> in order to tell it about the >- firewall. Simply add the following lines:</para> >+ firewall. Simply add the following lines:</para> > > <programlisting>firewall_enable="YES" > firewall_script="/etc/firewall/fwrules" >@@ -134,8 +133,8 @@ > natd_interface="tun0" > natd_flags="-dynamic"</programlisting> > >- <para>For more information on what the above do take a look at >- <filename>/etc/defaults/rc.conf</filename> and read >+ <para>For more information on the functions of these statements take >+ a look at <filename>/etc/defaults/rc.conf</filename> and read > &man.rc.conf.5;</para> > </sect1> > >@@ -143,11 +142,11 @@ > <title>Disable PPP's network address translation</title> > > <para>You may already be using PPP's built in network address >- translation (NAT). If that is the case you will have to disable it, >- as these examples use &man.natd.8; to do the same.</para> >+ translation (NAT). If that is the case then you will have to disable >+ it, as these examples use &man.natd.8; to do the same.</para> > > <para>If you already have a block of entries to >- automatically start PPP it probably looks like this:</para> >+ automatically start PPP, it probably looks like this:</para> > > <programlisting>ppp_enable="YES" > ppp_mode="auto" >@@ -163,26 +162,26 @@ > <sect1 id="rules"> > <title>The ruleset for the firewall</title> > >- <para>We're nearly done now. All that remains now is to define the >+ <para>We're nearly done now. All that remains now is to define the > firewall rules and then we can reboot and the firewall should be up and >- running. I realize that everyone will want something slightly different >- when it comes to their rulebase. What I've tried to do is write a >- rulebase that suits most dialup users. You can obviously modify it to >- your needs by simply using the following rules as the foundation for >+ running. I realize that everyone will want something slightly different >+ when it comes to their rulebase. What I've tried to do is write a >+ rulebase that suits most dialup users. You can obviously modify it to >+ your needs by using the following rules as the foundation for > your own rulebase. First, let's start with the basics of closed >- firewalling. What you want to do is deny everything by default and then >- only open up for the things you really need. Rules should be in the >- order of allow first and then deny. The premise is that you add the >- rules for your allows, and then everything else is denied. :)</para> >+ firewalling. What you want to do is deny everything by default and then >+ only open up for the things you really need. Rules should be in the >+ order of allow first and then deny. The premise is that you add the >+ rules for your allows, and then everything else is denied. :)</para> > > <para>Now, let's make the dir /etc/firewall. Change into the directory and > edit the file <filename>fwrules</filename> as we specified in >- <filename>rc.conf</filename>. Please note that you can change this >- filename to be anything you wish. This guide just gives an example of a >+ <filename>rc.conf</filename>. Please note that you can change this >+ filename to anything you wish. This guide just gives an example of a > filename. </para> > >- <para>Now, let's look at a sample firewall file, and we'll detail >- everything in it. </para> >+ <para>Now, let's look at a sample firewall file, that is commented nicely. >+ </para> > > <programlisting># Firewall rules > # Written by Marc Silver (marcs@draenor.org)
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=16238">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 29842
: 16238