--- en_US.ISO8859-1/books/handbook/firewalls/chapter.xml (révision 52337)
+++ en_US.ISO8859-1/books/handbook/firewalls/chapter.xml (copie de travail)
@@ -718,8 +718,8 @@
running PF to act as a gateway
for at least one other machine. The gateway needs at least
two network interfaces, each connected to a separate
- network. In this example, xl1 is
- connected to the Internet and xl0 is
+ network. In this example, xl0 is
+ connected to the Internet and xl1 is
connected to the internal network.
First, enable the gateway in order to let the machine
@@ -744,9 +744,9 @@
Next, create the PF rules to
allow the gateway to pass traffic. While the following rule
- allows stateful traffic to pass from the Internet to hosts
- on the network, the to keyword does not
- guarantee passage all the way from source to
+ allows stateful traffic from hosts of the internal network
+ to pass to the gateway, the to keyword
+ does not guarantee passage all the way from source to
destination:
pass in on xl1 from xl1:network to xl0:network port $ports keep state