FreeBSD Bugzilla – Attachment 50828 Details for
Bug 77370
[patch] Fix errors in IPF section of firewalls chapter
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
file.diff
file.diff (text/plain), 3.22 KB, created by
David Adam
on 2005-02-11 02:50:04 UTC
(
hide
)
Description:
file.diff
Filename:
MIME Type:
Creator:
David Adam
Created:
2005-02-11 02:50:04 UTC
Size:
3.22 KB
patch
obsolete
>--- firewalls.chapter.sgml.orig 2005-02-11 09:45:29.000000000 +0800 >+++ firewalls.chapter.sgml 2005-02-11 10:35:31.000000000 +0800 >@@ -822,12 +822,11 @@ > > <para>Symbolic fields do not have the $ prefix.</para> > >- <para>The value to populate the Symbolic field must be enclosed >- with "double quotes".</para> >+ <para>The value to populate the symbolic field must be enclosed >+ with double quotes (<literal>"</literal>).</para> > > <para>Start your rule file with something like this:</para> > >- > <programlisting>############# Start of IPF rules script ######################## > > oif="dc0" # name of the outbound interface >@@ -836,7 +835,7 @@ > ks="keep state" > fks="flags S keep state" > >-# You can chose between building /etc/ipf.rules file >+# You can choose between building /etc/ipf.rules file > # from this script or running this script "as is". > # > # Uncomment only one line and comment out another. >@@ -860,25 +859,24 @@ > ################## End of IPF rules script ########################</programlisting> > > <para>That is all there is to it. The rules are not important in >- this example; how the Symbolic substitution field are populated >+ this example; how the symbolic substitution fields are populated > and used are. If the above example was in a file named <filename>/etc/ipf.rules.script</filename>, >- you could reload these rules by entering this on the command >- line:</para> >+ you could reload these rules by entering the following command:</para> > >- <programlisting><command>sh /etc/ipf.rules.script</command> >- </programlisting> >+ <screen>&prompt.root; <userinput>sh /etc/ipf.rules.script</command> >+ </screen> > > <para>There is one problem with using a rules file with embedded >- symbolics. IPF do not understand symbolic substitution, and >- can not read such scripts directly.</para> >+ symbolics: IPF does not understand symbolic substitution, and >+ cannot read such scripts directly.</para> > > <para>This script can be used in one of two ways:</para> > > <itemizedlist> > <listitem> >- <para>Uncomment line that begins from <command>cat</command> >- and comment out line that begins from >- <filename>/sbin/ipf</filename>. Place >+ <para>Uncomment the line that begins with <literal>cat</literal>, >+ and comment out the line that begins with >+ <literal>/sbin/ipf</literal>. Place > <literal>ipfilter_enable="YES"</literal> into > <filename>/etc/rc.conf</filename> as usual, and run > script once after each modification to create or update >@@ -903,11 +901,12 @@ > <para>The permissions on this script file must be read, write, > execute for owner <username>root</username>.</para> > >- <programlisting><command>chmod 700 /usr/local/etc/rc.d/ipf.loadrules.sh</command></programlisting> >+ <screen>&prompt.root; <userinput>chown root /usr/local/etc/rc.d/ipf.loadrules.sh</userinput> >+&prompt.root; <userinput>chmod 700 /usr/local/etc/rc.d/ipf.loadrules.sh</userinput></screen> > </listitem> > </itemizedlist> > >- <para>Now, when your system boots your IPF rules will be >+ <para>Now, when your system boots, your IPF rules will be > loaded.</para> > </sect2>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=50828">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 77370
: 50828