View | Details | Raw Unified | Return to bug 211380
Collapse All | Expand All

(-)en_US.ISO8859-1/books/handbook/firewalls/chapter.xml (-2 / +3 lines)
Lines 2270-2281 Link Here
2270
	to pass.</para>
2270
	to pass.</para>
2271
2271
2272
      <programlisting>&dollar;cmd 499 deny log all from any to any
2272
      <programlisting>&dollar;cmd 499 deny log all from any to any
2273
&dollar;cmd 500 divert natd ip from any to any out via &dollar;pif # skipto location for outbound stateful rules
2273
&dollar;cmd 500 allow ip from me to not me out via &dollar;pif # avoid packets natd doesn't care about
2274
&dollar;cmd 501 divert natd ip from any to any out via &dollar;pif # skipto location for outbound stateful rules
2274
&dollar;cmd 510 allow ip from any to any</programlisting>
2275
&dollar;cmd 510 allow ip from any to any</programlisting>
2275
2276
2276
      <para>In this example, rules <literal>100</literal>,
2277
      <para>In this example, rules <literal>100</literal>,
2277
	<literal>101</literal>, <literal>125</literal>,
2278
	<literal>101</literal>, <literal>125</literal>,
2278
	<literal>500</literal>, and <literal>510</literal> control the
2279
	<literal>501</literal>, and <literal>510</literal> control the
2279
	address translation of the outbound and inbound packets so
2280
	address translation of the outbound and inbound packets so
2280
	that the entries in the dynamic state table always register
2281
	that the entries in the dynamic state table always register
2281
	the private <acronym>LAN</acronym> <acronym>IP</acronym>
2282
	the private <acronym>LAN</acronym> <acronym>IP</acronym>

Return to bug 211380