CVS log for doc/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml
![[BACK]](/gifs/back.gif){kind=small}
Up to [FreeBSD] / doc / en_US.ISO8859-1 / books / handbook / firewalls
Request diff between arbitrary revisions
Keyword substitution: kv
Default branch: MAIN
Revision 1.98: download - view: text, markup, annotated - select for diffs
Mon Jan 16 02:33:45 2012 UTC (3 weeks, 5 days ago) by gjb
Branches: MAIN
CVS tags: HEAD
Diff to: previous 1.97: preferred, colored
Changes since revision 1.97: +4 -4 lines
Update or remove some broken link in the Handbook.
Revision 1.97: download - view: text, markup, annotated - select for diffs
Mon Oct 17 00:52:46 2011 UTC (3 months, 3 weeks ago) by gjb
Branches: MAIN
Diff to: previous 1.96: preferred, colored
Changes since revision 1.96: +4 -2 lines
Document as of r223637, FreeBSD's PF version is in sync with OpenBSD 4.5.
Revision 1.96: download - view: text, markup, annotated - select for diffs
Thu Apr 14 14:35:46 2011 UTC (9 months, 4 weeks ago) by ryusuke
Branches: MAIN
CVS tags: RELEASE_9_0_0
Diff to: previous 1.95: preferred, colored
Changes since revision 1.95: +2 -2 lines
Update the description of RULE_NUMBER. PR: docs/150736 Reported by: brucec@
Revision 1.95: download - view: text, markup, annotated - select for diffs
Wed Dec 1 20:37:04 2010 UTC (14 months, 1 week ago) by rene
Branches: MAIN
CVS tags: RELEASE_8_2_0, RELEASE_7_4_0
Diff to: previous 1.94: preferred, colored
Changes since revision 1.94: +5 -9 lines
Remove support for FreeBSD prior to 7.0 from the Handbook. More specifically: - mentions of old versions of FreeBSD in historical context are left in tact - remove section about KerberosIV - remove section about SAP R/3 - remove mentions of XFree86 - only support gvinum - update examples to 7.X or 8.X - remove Alpha support - add COMPAT_FREEBSD[67] kernel options - csup(1) now only in the base system - update (tty) device names, add warnings for 7.X - remove MD5 from the port checksum algorithms - update port versions (probably not all) - add definitions for ctm-src[5-8] to mailing-lists.ent Reviewed by: bcr, joel, remko, simon
Revision 1.94: download - view: text, markup, annotated - select for diffs
Tue Aug 10 12:20:24 2010 UTC (18 months ago) by pgj
Branches: MAIN
Diff to: previous 1.93: preferred, colored
Changes since revision 1.93: +1 -1 lines
- Reference ipf(5) instead of ipmon(8) because it is a better source of information regarding logging TCP packets, and it already points to that manual page PR: docs/144881 Submitted by: Glen Barber <glen.j.barber@gmail.com>
Revision 1.93: download - view: text, markup, annotated - select for diffs
Sat Jul 17 05:20:55 2010 UTC (18 months, 3 weeks ago) by pgj
Branches: MAIN
Diff to: previous 1.92: preferred, colored
Changes since revision 1.92: +4 -4 lines
- Change security to local0 for ipmon(8) as the default syslogd(8) logging facility, since this is how it works these days. PR: docs/131584 Submitted by: Joe <joeb@a1poweruser.com>
Revision 1.92: download - view: text, markup, annotated - select for diffs
Fri Dec 11 20:13:07 2009 UTC (2 years, 2 months ago) by bcr
Branches: MAIN
CVS tags: RELEASE_8_1_0, RELEASE_7_3_0
Diff to: previous 1.91: preferred, colored
Changes since revision 1.91: +6 -20 lines
Add the version of PF in FreeBSD 8.X to the handbook. The patch in the PR was modified because handbook descriptions regarding FreeBSD 5.X and 6.X are not mainstream anymore. Fix this by collapsing the list into a single sentence. Discussed with: jkois (mentor) Approved by: jkois (mentor) PR: docs/141042 Submitted by: Glen Barber (glen dot j dot barber at gmail dot com)
Revision 1.91: download - view: text, markup, annotated - select for diffs
Fri Nov 27 17:11:33 2009 UTC (2 years, 2 months ago) by brd
Branches: MAIN
Diff to: previous 1.90: preferred, colored
Changes since revision 1.90: +31 -18 lines
Clean up the PF section on loading kernel modules. - Give specific clear examples on how to load the pf module and the pflog module. - Remove some information that is stated in the section right above. - Update the doc to reflect that pflog is now its own module. [1] PR: 140896 [1]
Revision 1.90: download - view: text, markup, annotated - select for diffs
Tue Sep 1 13:41:42 2009 UTC (2 years, 5 months ago) by manolis
Branches: MAIN
CVS tags: RELEASE_8_0_0
Diff to: previous 1.89: preferred, colored
Changes since revision 1.89: +7 -6 lines
IPFW uses 'deny' (or 'drop') instead of 'block'. Fix two examples and slightly rephrase the description for clarity. Submitted by: Nikos Isaris <nakaliptos at gmail dot com>
Revision 1.89: download - view: text, markup, annotated - select for diffs
Tue May 19 15:43:13 2009 UTC (2 years, 8 months ago) by ganbold
Branches: MAIN
Diff to: previous 1.88: preferred, colored
Changes since revision 1.88: +1 -1 lines
s/insure/ensure
Revision 1.88: download - view: text, markup, annotated - select for diffs
Tue May 19 15:27:01 2009 UTC (2 years, 8 months ago) by ganbold
Branches: MAIN
Diff to: previous 1.87: preferred, colored
Changes since revision 1.87: +1 -1 lines
s/them/then
Revision 1.87: download - view: text, markup, annotated - select for diffs
Wed May 13 17:20:58 2009 UTC (2 years, 9 months ago) by manolis
Branches: MAIN
Diff to: previous 1.86: preferred, colored
Changes since revision 1.86: +452 -502 lines
A revamp of Handbook's 'firewalls' chapter. This is a rather lengthy patch, that attempts to fix several problems: - Reduce repetition. There are several paragraphs in the original text that are repeated throughout the sections - Markup fixes. Replace single quotes with <literal> tags, add <acronym>s and several other changes to improve markup consistency - Convert to passive voice where possible, eliminate few first person references - Several grammar and language fixes - The original text implied that the same TCP packet would go back and forth between source and destination. Rephrase relevant paragraphs to clarify these are different packets - Includes many fixes submitted in a PR [1] and a link fix submitted on -doc [2] - Numerous other smaller changes, too many to mention here PR: docs/131568 [1] Submitted by: Chris Pepper <pepper@cbio.mskcc.org> [1] Submitted by: Phillip Nordwall <Phillip.Nordwall@wwu.edu> [2] Reviewed by: trhodes, keramida
Revision 1.86: download - view: text, markup, annotated - select for diffs
Wed Dec 24 01:33:40 2008 UTC (3 years, 1 month ago) by danger
Branches: MAIN
CVS tags: RELEASE_7_2_0
Diff to: previous 1.85: preferred, colored
Changes since revision 1.85: +4 -16 lines
- remove WIP note from the IPFW section, I don't think it belongs there, all documentation is actually WIP... - add a note that IPFW now supports both IPv4 and IPv6 - remove now obsoleted IPV6FIREWALL* options (see http://lists.freebsd.org/pipermail/freebsd-questions/2008-December/189329.html) Inspired by: http://forums.freebsd.org/showthread.php?t=1110
Revision 1.85: download - view: text, markup, annotated - select for diffs
Wed Aug 6 22:03:49 2008 UTC (3 years, 6 months ago) by pgj
Branches: MAIN
CVS tags: RELEASE_7_1_0, RELEASE_6_4_0
Diff to: previous 1.84: preferred, colored
Changes since revision 1.84: +2 -2 lines
Eliminate erroneous role="directory" attributes from <filename> elements and replace them with class="directory" [1][2] [1] http://docbook.org/tdg/en/html/filename.html [2] http://www.freebsd.org/doc/en/books/fdp-primer/sgml-markup-docbook.html#AEN1799 (4.2.5.5) Approved by: trhodes, gabor (mentor)
Revision 1.84: download - view: text, markup, annotated - select for diffs
Thu Jul 17 18:16:19 2008 UTC (3 years, 6 months ago) by danger
Branches: MAIN
Diff to: previous 1.83: preferred, colored
Changes since revision 1.83: +1 -1 lines
- remove superfluous character.
Revision 1.83: download - view: text, markup, annotated - select for diffs
Sun Jun 15 13:16:49 2008 UTC (3 years, 7 months ago) by gabor
Branches: MAIN
Diff to: previous 1.82: preferred, colored
Changes since revision 1.82: +182 -103 lines
- Reword and reorganize the PF subchapter to be clearer and easier to use. Mention the changed location of a configuration file in 7.0. PR: docs/122351, docs/121321 (related) Submitted by: John Ferrell <jdferrell3@yahoo.com>
Revision 1.82: download - view: text, markup, annotated - select for diffs
Sun Jun 1 09:42:11 2008 UTC (3 years, 8 months ago) by remko
Branches: MAIN
Diff to: previous 1.81: preferred, colored
Changes since revision 1.81: +2 -3 lines
Borrow Poul-Henning's Axe and chop out old information for 4.x, 5.x and unsupported 6.x releases. Tom started this process a while ago and I'll follow up on that for the latest EoL round. The old versions can still be found in the doc archives: http://docs.freebsd.org/doc/
Revision 1.81: download - view: text, markup, annotated - select for diffs
Sat Mar 1 17:50:03 2008 UTC (3 years, 11 months ago) by loader
Branches: MAIN
Diff to: previous 1.80: preferred, colored
Changes since revision 1.80: +1 -1 lines
s/option divert/option IPDIVERT/ to enable support for divert sockets. Obtained from: The FreeBSD Simplified Chinese Project Submitted by: zheng chengfu (iheaing at gmail.com)
Revision 1.80: download - view: text, markup, annotated - select for diffs
Thu Jan 17 17:50:30 2008 UTC (4 years ago) by remko
Branches: MAIN
Diff to: previous 1.79: preferred, colored
Changes since revision 1.79: +1 -1 lines
s/IPF/PF/ (with acronym tags around it as was the case before modifying the text). Noticed by: danger
Revision 1.79: download - view: text, markup, annotated - select for diffs
Thu Jan 17 13:38:31 2008 UTC (4 years ago) by remko
Branches: MAIN
Diff to: previous 1.78: preferred, colored
Changes since revision 1.78: +5 -1 lines
IPF does not have ALTQ support (or at least not that I and several others could find) so remove it from the information, give an example on how such a setup can be achieved. PR: docs/113464 Submitted by: Josh Paetzel <josh at tcbug dot org> Inspired by: Marc Silver <marcs at draenor dot org> (slightly rewritten by me).
Revision 1.78: download - view: text, markup, annotated - select for diffs
Fri Dec 28 20:17:18 2007 UTC (4 years, 1 month ago) by remko
Branches: MAIN
Diff to: previous 1.77: preferred, colored
Changes since revision 1.77: +1 -1 lines
s/examble/example/
Revision 1.77: download - view: text, markup, annotated - select for diffs
Sat Oct 6 00:04:22 2007 UTC (4 years, 4 months ago) by trhodes
Branches: MAIN
CVS tags: RELEASE_7_0_0, RELEASE_6_3_0
Diff to: previous 1.76: preferred, colored
Changes since revision 1.76: +1 -1 lines
Add a space to separate two words.
Revision 1.76: download - view: text, markup, annotated - select for diffs
Mon Jul 2 19:46:27 2007 UTC (4 years, 7 months ago) by remko
Branches: MAIN
Diff to: previous 1.75: preferred, colored
Changes since revision 1.75: +0 -21 lines
Remove a section about ipfilter FTP Proxy Bugs, which were resolved in version 3.4.3 released in 2000, a little ago. PR: docs/95263 Submitted by: Joe <fbsd_user at a1poweruser dot com>
Revision 1.75: download - view: text, markup, annotated - select for diffs
Wed Apr 25 15:01:58 2007 UTC (4 years, 9 months ago) by roam
Branches: MAIN
Diff to: previous 1.74: preferred, colored
Changes since revision 1.74: +1 -1 lines
Fix an address specification in the IPNAT port redirection example. Left as 0/32, it would only redirect Very Weird Packets(tm), while as 0.0.0.0/0 it will indeed process all the traffic as intended. Submitted by: "Michael P. Soulier" <msoulier@digitaltorque.ca>
Revision 1.74: download - view: text, markup, annotated - select for diffs
Fri Nov 17 14:37:11 2006 UTC (5 years, 2 months ago) by delphij
Branches: MAIN
CVS tags: RELEASE_6_2_0
Diff to: previous 1.73: preferred, colored
Changes since revision 1.73: +0 -3 lines
Remove an unnecessary sentence.
Revision 1.73: download - view: text, markup, annotated - select for diffs
Tue Oct 10 02:56:06 2006 UTC (5 years, 4 months ago) by trhodes
Branches: MAIN
Diff to: previous 1.72: preferred, colored
Changes since revision 1.72: +1 -3 lines
Replace some confusing text about "IPFW being loaded/not being loaded/blah" with some more relevent and clear text about using rc.conf to load the firewall. PR 99336 Discussed with: keramida (follow up to PR, etc.)
Revision 1.72: download - view: text, markup, annotated - select for diffs
Sat Aug 26 00:13:26 2006 UTC (5 years, 5 months ago) by danger
Branches: MAIN
Diff to: previous 1.71: preferred, colored
Changes since revision 1.71: +60 -3 lines
Add some bits about firewall_script and firewall_type rc.conf variables to ipfw section. Reviewed by: trhodes Approved by: keramida (mentor) PR: docs/93764
Revision 1.71: download - view: text, markup, annotated - select for diffs
Tue Aug 8 20:22:08 2006 UTC (5 years, 6 months ago) by keramida
Branches: MAIN
Diff to: previous 1.70: preferred, colored
Changes since revision 1.70: +13 -8 lines
ipnat doesn't support IP ranges with a.b.c.d-w.x.y.z notation, but only with /netmask or /cidr notation PR: docs/95261 Submitted by: fbsd_user@a1poweruser.com
Revision 1.70: download - view: text, markup, annotated - select for diffs
Tue Jun 20 10:55:38 2006 UTC (5 years, 7 months ago) by marck
Branches: MAIN
Diff to: previous 1.69: preferred, colored
Changes since revision 1.69: +4 -6 lines
Clean a couple of 4.X references.
Revision 1.69: download - view: text, markup, annotated - select for diffs
Wed Jun 7 05:34:30 2006 UTC (5 years, 8 months ago) by trhodes
Branches: MAIN
Diff to: previous 1.68: preferred, colored
Changes since revision 1.68: +9 -1 lines
Document "firewall_type" in this chapter. PR: 38772
Revision 1.68: download - view: text, markup, annotated - select for diffs
Tue May 30 23:08:23 2006 UTC (5 years, 8 months ago) by trhodes
Branches: MAIN
Diff to: previous 1.67: preferred, colored
Changes since revision 1.67: +6 -60 lines
Do what I swore would be done: o Remove 4.X information, this includes notes and sections. o Update documentation to reflect 5.X and 6.X. o In some areas, try to make the new content version agnostic. o Skip areas stating "5.[0-5] and later" as it's relevant - we need a better way to handle these. For several items, I checked the NOTES files, manual pages, CVS history, etc. Discussed on: -doc A few ideas from: remko
Revision 1.67: download - view: text, markup, annotated - select for diffs
Wed May 10 18:44:04 2006 UTC (5 years, 9 months ago) by keramida
Branches: MAIN
CVS tags: RELEASE_5_5_0
Diff to: previous 1.66: preferred, colored
Changes since revision 1.66: +4 -0 lines
Point to the searchable archives of the opensource IPFilter mailing list, at marc.aimsgroup.com. PR: docs/95264 Submitted by: fbsd_user@a1poweruser.com
Revision 1.66: download - view: text, markup, annotated - select for diffs
Tue Feb 7 17:00:51 2006 UTC (6 years ago) by jcamou
Branches: MAIN
CVS tags: RELEASE_6_1_0
Diff to: previous 1.65: preferred, colored
Changes since revision 1.65: +4 -3 lines
Note the use of NOINET6 on the FreeBSD 5.X series. Submitted by: Daniel Gerzo <danger at rulez.sk> Approved by: trhodes (mentor)
Revision 1.65: download - view: text, markup, annotated - select for diffs
Mon Feb 6 19:13:19 2006 UTC (6 years ago) by jcamou
Branches: MAIN
Diff to: previous 1.64: preferred, colored
Changes since revision 1.64: +1 -1 lines
s/NOINET6/NO_INET6/ PR: docs/92816 Submitted by: Daniel Gerzo <danger@rulez.sk> Approved by: trhodes (mentor)
Revision 1.64: download - view: text, markup, annotated - select for diffs
Sun Jan 22 22:20:42 2006 UTC (6 years ago) by brd
Branches: MAIN
Diff to: previous 1.63: preferred, colored
Changes since revision 1.63: +45 -10 lines
- Restructure part of the PF section. - Add general info about enabling PF and creating rulsets. PR: docs/92113 Submitted by: Daniel Gerzo <danger at rulez dot sk> Reviewed by: simon@ and ceri@ Approved by: ceri@
Revision 1.63: download - view: text, markup, annotated - select for diffs
Thu Jan 5 20:03:37 2006 UTC (6 years, 1 month ago) by delphij
Branches: MAIN
Diff to: previous 1.62: preferred, colored
Changes since revision 1.62: +35 -35 lines
Escape <, >, &'s, plus some cleanups against the SGML. There should not be any content changes involved in this commit, however, localization teams are encouraged to catch up with this change. Requested by: intron at intron ac Reviewed by: Niclas Zeising <lothrandil at n00b apagnu se> Glanced by: simon
Revision 1.62: download - view: text, markup, annotated - select for diffs
Thu May 19 09:13:32 2005 UTC (6 years, 8 months ago) by blackend
Branches: MAIN
CVS tags: RELEASE_6_0_0
Diff to: previous 1.61: preferred, colored
Changes since revision 1.61: +6 -0 lines
In IPFW section: point people to network-natd section when it's time to configure the system via rc.conf. This avoids to repeat things and allows the reader to complete the natd(8) configuration. Based on PR: docs/81199 Submitted by: Rong-En Fan <rafan@infor.org>
Revision 1.61: download - view: text, markup, annotated - select for diffs
Thu May 19 08:42:49 2005 UTC (6 years, 8 months ago) by blackend
Branches: MAIN
Diff to: previous 1.60: preferred, colored
Changes since revision 1.60: +1 -1 lines
Typo PR: docs/81242 Submitted by: David Adam <zanchey@ucc.gu.uwa.edu.au>
Revision 1.60: download - view: text, markup, annotated - select for diffs
Sun May 8 14:15:43 2005 UTC (6 years, 9 months ago) by remko
Branches: MAIN
Diff to: previous 1.59: preferred, colored
Changes since revision 1.59: +4 -4 lines
Add forgotten spaces and add 2 non breaking spaces for &os; 5.X and 4.X. Noticed by: blackend Forgotten by: remko (me)
Revision 1.59: download - view: text, markup, annotated - select for diffs
Sun May 8 12:45:29 2005 UTC (6 years, 9 months ago) by remko
Branches: MAIN
Diff to: previous 1.58: preferred, colored
Changes since revision 1.58: +15 -7 lines
Update the IPMON section by making it suitable for 5.X (and reference 4.X for people still using 4.X). PR: docs/79543 Submitted by: <fbsd_user at a1poweruser dot com>
Revision 1.58: download - view: text, markup, annotated - select for diffs
Sun May 1 20:44:49 2005 UTC (6 years, 9 months ago) by remko
Branches: MAIN
Diff to: previous 1.57: preferred, colored
Changes since revision 1.57: +3 -3 lines
Let portredirection be rdr instead of map (which is NAT). Noticed by: Andrius Paurys <shaman at shaman dot velniai dot net>
Revision 1.57: download - view: text, markup, annotated - select for diffs
Thu Mar 31 21:11:56 2005 UTC (6 years, 10 months ago) by simon
Branches: MAIN
CVS tags: RELEASE_5_4_0
Diff to: previous 1.56: preferred, colored
Changes since revision 1.56: +26 -43 lines
- Reword some text. - Use firewall package instead of firewall software application. - Do not say non-stateful firewall's are "legacy" since they still make sense in some cases. - Move paragraph about /etc/rc.firewall to the ipfw section and don't say it's outdates, just simple. [1] Inspired by: den [1]
Revision 1.56: download - view: text, markup, annotated - select for diffs
Thu Mar 31 19:38:18 2005 UTC (6 years, 10 months ago) by simon
Branches: MAIN
Diff to: previous 1.55: preferred, colored
Changes since revision 1.55: +10 -0 lines
Add a note about the IPF and IPFW sections being work-in-progress. This is far from a good situation, but it's better to be up front about it. Discussed with: den, remko
Revision 1.55: download - view: text, markup, annotated - select for diffs
Wed Mar 16 12:57:30 2005 UTC (6 years, 10 months ago) by mlaier
Branches: MAIN
Diff to: previous 1.54: preferred, colored
Changes since revision 1.54: +8 -0 lines
Add notes about required kernel options for PF as a module and explain how to build an IPv6-less setup. Approved by: simon Inspired by PR: kern/70401
Revision 1.54: download - view: text, markup, annotated - select for diffs
Wed Mar 9 11:43:14 2005 UTC (6 years, 11 months ago) by den
Branches: MAIN
Diff to: previous 1.53: preferred, colored
Changes since revision 1.53: +9 -5 lines
Note: ... -> <note> ... </note>, and align according this change No other content changes
Revision 1.53: download - view: text, markup, annotated - select for diffs
Wed Mar 9 11:32:15 2005 UTC (6 years, 11 months ago) by den
Branches: MAIN
Diff to: previous 1.52: preferred, colored
Changes since revision 1.52: +15 -15 lines
Small whitespace fix (for lines missed in previous fix) Translators can ignore
Revision 1.52: download - view: text, markup, annotated - select for diffs
Tue Mar 8 08:15:50 2005 UTC (6 years, 11 months ago) by delphij
Branches: MAIN
Diff to: previous 1.51: preferred, colored
Changes since revision 1.51: +3 -2 lines
When talking about avoiding information disclosure, we generally say we will be able to delay the actual break-in, since crackers can still manage to get into the system if there is a hole. So, prefer saying "we can delay the actual attack" rather than "the system is more secure". Reviewed by: trhodes
Revision 1.51: download - view: text, markup, annotated - select for diffs
Sat Mar 5 00:30:36 2005 UTC (6 years, 11 months ago) by simon
Branches: MAIN
Diff to: previous 1.50: preferred, colored
Changes since revision 1.50: +3 -2 lines
Improve some mark-up and wording a bit.
Revision 1.50: download - view: text, markup, annotated - select for diffs
Fri Mar 4 23:21:07 2005 UTC (6 years, 11 months ago) by simon
Branches: MAIN
Diff to: previous 1.49: preferred, colored
Changes since revision 1.49: +11 -17 lines
- Whitespace cleanup which change rendered output. Should not be ignored by translators. - Fix some English grammar. - Add missing punctuation. Submitted by: Siebrand Mazeland <s.mazeland@xs4all.nl>
Revision 1.49: download - view: text, markup, annotated - select for diffs
Fri Mar 4 23:11:23 2005 UTC (6 years, 11 months ago) by simon
Branches: MAIN
Diff to: previous 1.48: preferred, colored
Changes since revision 1.48: +1768 -1674 lines
Whitespace cleanup. No content change - translators can ignore. Submitted by: Siebrand Mazeland <s.mazeland@xs4all.nl> No objections: -doc
Revision 1.48: download - view: text, markup, annotated - select for diffs
Fri Mar 4 08:04:06 2005 UTC (6 years, 11 months ago) by den
Branches: MAIN
Diff to: previous 1.47: preferred, colored
Changes since revision 1.47: +13 -0 lines
Add warning to describe relation between rc.conf firewall_logging variable and sysctl net.ip.fw.verbose variable; suggest to set net.inet.ip.fw.verbose_limit variable via sysctl.conf (it is impossible to set it via rc.conf variables). Discussed with (and my English fixed by): trhodes
Revision 1.47: download - view: text, markup, annotated - select for diffs
Tue Mar 1 21:45:02 2005 UTC (6 years, 11 months ago) by simon
Branches: MAIN
Diff to: previous 1.46: preferred, colored
Changes since revision 1.46: +65 -5 lines
Add information on setting up ATLQ. PR: docs/78096 Submitted by: Brad Davis <so14k@so14k.com> Input from: mlaier, trhodes
Revision 1.46: download - view: text, markup, annotated - select for diffs
Sat Feb 26 16:04:36 2005 UTC (6 years, 11 months ago) by simon
Branches: MAIN
Diff to: previous 1.45: preferred, colored
Changes since revision 1.45: +6 -6 lines
Lan -> LAN in the firewall section. PR: docs/78120 Submitted by: Brad Davis <so14k@so14k.com>
Revision 1.45: download - view: text, markup, annotated - select for diffs
Fri Feb 25 12:12:20 2005 UTC (6 years, 11 months ago) by den
Branches: MAIN
Diff to: previous 1.44: preferred, colored
Changes since revision 1.44: +7 -0 lines
Note that the search continues after count, skipto and tee rules.
Revision 1.44: download - view: text, markup, annotated - select for diffs
Fri Feb 25 11:43:46 2005 UTC (6 years, 11 months ago) by den
Branches: MAIN
Diff to: previous 1.43: preferred, colored
Changes since revision 1.43: +2 -2 lines
s/RULE#/RULE_NUMBER/ to not to mix with comments that was noted above
Revision 1.43: download - view: text, markup, annotated - select for diffs
Fri Feb 25 11:39:12 2005 UTC (6 years, 11 months ago) by den
Branches: MAIN
Diff to: previous 1.42: preferred, colored
Changes since revision 1.42: +30 -0 lines
Mark a few annoying things in addition to marked ones
Revision 1.42: download - view: text, markup, annotated - select for diffs
Fri Feb 25 09:07:37 2005 UTC (6 years, 11 months ago) by den
Branches: MAIN
Diff to: previous 1.41: preferred, colored
Changes since revision 1.41: +5 -7 lines
Obtain yet another text from old security chapter (rev. 1.229) to replace IPFIREWALL_VERBOSE_LIMIT description. Improved by: trhodes
Revision 1.41: download - view: text, markup, annotated - select for diffs
Fri Feb 25 07:59:32 2005 UTC (6 years, 11 months ago) by den
Branches: MAIN
Diff to: previous 1.40: preferred, colored
Changes since revision 1.40: +2 -1 lines
"only way -> one of the ways" for testing rules via counters
Revision 1.40: download - view: text, markup, annotated - select for diffs
Fri Feb 25 07:43:07 2005 UTC (6 years, 11 months ago) by den
Branches: MAIN
Diff to: previous 1.39: preferred, colored
Changes since revision 1.39: +7 -10 lines
Fix instructions related to IPFW logging.
Revision 1.39: download - view: text, markup, annotated - select for diffs
Sun Feb 20 14:11:46 2005 UTC (6 years, 11 months ago) by simon
Branches: MAIN
Diff to: previous 1.38: preferred, colored
Changes since revision 1.38: +1 -1 lines
Remove more contractions. PR: docs/77775 Submitted by: Siebrand Mazeland <s.mazeland@xs4all.nl>
Revision 1.38: download - view: text, markup, annotated - select for diffs
Sun Feb 20 14:04:14 2005 UTC (6 years, 11 months ago) by simon
Branches: MAIN
Diff to: previous 1.37: preferred, colored
Changes since revision 1.37: +1 -1 lines
Remove more contractions. Submitted by: Joel Dahl <joel@automatvapen.se>
Revision 1.37: download - view: text, markup, annotated - select for diffs
Sat Feb 19 14:03:54 2005 UTC (6 years, 11 months ago) by simon
Branches: MAIN
Diff to: previous 1.36: preferred, colored
Changes since revision 1.36: +2 -2 lines
Remove some contractions. Submitted by: Joel Dahl <joel@automatvapen.se> PR: docs/77729
Revision 1.36: download - view: text, markup, annotated - select for diffs
Fri Feb 18 12:08:24 2005 UTC (6 years, 11 months ago) by den
Branches: MAIN
Diff to: previous 1.35: preferred, colored
Changes since revision 1.35: +2 -2 lines
Add id to "Building the Rule Script with Symbolic Substitution" section and fix xref to this section.
Revision 1.35: download - view: text, markup, annotated - select for diffs
Fri Feb 18 11:37:11 2005 UTC (6 years, 11 months ago) by den
Branches: MAIN
Diff to: previous 1.34: preferred, colored
Changes since revision 1.34: +7 -7 lines
Rewrite warning about remote firewall setup. New version mostly obtained from old security chapter (rev. 1.229). With fixes from: simon, roam
Revision 1.34: download - view: text, markup, annotated - select for diffs
Tue Feb 15 15:09:42 2005 UTC (6 years, 11 months ago) by den
Branches: MAIN
Diff to: previous 1.33: preferred, colored
Changes since revision 1.33: +3 -4 lines
note -> warning, remove "should use" comment
Revision 1.33: download - view: text, markup, annotated - select for diffs
Mon Feb 14 14:25:44 2005 UTC (6 years, 11 months ago) by den
Branches: MAIN
Diff to: previous 1.32: preferred, colored
Changes since revision 1.32: +1 -1 lines
Change title for "Building the Rule Script" section to "Building the Rule Script with Symbolic Substitution" Reviewed by: remko
Revision 1.32: download - view: text, markup, annotated - select for diffs
Sun Feb 13 10:24:08 2005 UTC (6 years, 11 months ago) by simon
Branches: MAIN
Diff to: previous 1.31: preferred, colored
Changes since revision 1.31: +2 -2 lines
Be consistent and change '[P|p]orts collection' -> 'Ports Collection' as per the FDP Primer word list. Submitted by: Siebrand Mazeland <s.mazeland@xs4all.nl> PR: docs/76324
Revision 1.31: download - view: text, markup, annotated - select for diffs
Fri Feb 11 09:01:51 2005 UTC (7 years ago) by den
Branches: MAIN
Diff to: previous 1.30: preferred, colored
Changes since revision 1.30: +5 -5 lines
1.32 -> 1/32 for ipnat keyword, use <literal where needed. PR: docs/77131 (slightly modified) Submitted by: Brad Davis <so14k@so14k.com>
Revision 1.30: download - view: text, markup, annotated - select for diffs
Fri Feb 11 08:03:22 2005 UTC (7 years ago) by den
Branches: MAIN
Diff to: previous 1.29: preferred, colored
Changes since revision 1.29: +22 -22 lines
Move from "programlisting" and "command" to "screen" and "userinput" where needed
Revision 1.29: download - view: text, markup, annotated - select for diffs
Fri Feb 11 07:24:19 2005 UTC (7 years ago) by den
Branches: MAIN
Diff to: previous 1.28: preferred, colored
Changes since revision 1.28: +15 -16 lines
Fix several minor grammatical and spelling errors, changes several <programlisting> and <command> sections to <screen>, <literal> and <userinput> where required PR: docs/77370 (slightly modified) Submitted by: David Adam <zanchey@ucc.gu.uwa.edu.au>
Revision 1.28: download - view: text, markup, annotated - select for diffs
Thu Feb 10 12:20:03 2005 UTC (7 years ago) by den
Branches: MAIN
Diff to: previous 1.27: preferred, colored
Changes since revision 1.27: +1 -1 lines
Add missing dot after sentence
Revision 1.27: download - view: text, markup, annotated - select for diffs
Thu Feb 10 12:04:02 2005 UTC (7 years ago) by den
Branches: MAIN
Diff to: previous 1.26: preferred, colored
Changes since revision 1.26: +42 -25 lines
Improve "Building the Rule Script" section by adding description of converting script to rule list (the example already contain this way, but it was not described).
Revision 1.26: download - view: text, markup, annotated - select for diffs
Tue Feb 8 07:47:55 2005 UTC (7 years ago) by den
Branches: MAIN
Diff to: previous 1.25: preferred, colored
Changes since revision 1.25: +1 -1 lines
Remove "replaceable" tag around syslogd in "killall -HUP" command Reviewed by: simon
Revision 1.25: download - view: text, markup, annotated - select for diffs
Sat Feb 5 15:16:24 2005 UTC (7 years ago) by mheinen
Branches: MAIN
Diff to: previous 1.24: preferred, colored
Changes since revision 1.24: +1 -1 lines
Add a missing ;.
Revision 1.24: download - view: text, markup, annotated - select for diffs
Sat Feb 5 12:42:20 2005 UTC (7 years ago) by mheinen
Branches: MAIN
Diff to: previous 1.23: preferred, colored
Changes since revision 1.23: +194 -0 lines
Index the Firewall chapter and the IPsec section. Instead of "user configuration files" explicitly list the files ".k5login" and ".k5users".
Revision 1.23: download - view: text, markup, annotated - select for diffs
Fri Jan 28 17:37:00 2005 UTC (7 years ago) by rushani
Branches: MAIN
Diff to: previous 1.22: preferred, colored
Changes since revision 1.22: +1 -1 lines
Use &man.pf.4; instead of &man.pf.9;.
Revision 1.22: download - view: text, markup, annotated - select for diffs
Fri Jan 28 15:31:26 2005 UTC (7 years ago) by keramida
Branches: MAIN
Diff to: previous 1.21: preferred, colored
Changes since revision 1.21: +48 -8 lines
Describe in as much detail as possible the availability of PF for the entire range of FreeBSD versions that may be in use out there. The tabular layout doesn't look exactly perfect, but this is a stylesheet issue, which we can fix separately. Some info by: mlaier Discussed with: Brad Davis <so14k@so14k.com>
Revision 1.21: download - view: text, markup, annotated - select for diffs
Fri Jan 28 08:36:55 2005 UTC (7 years ago) by den
Branches: MAIN
Diff to: previous 1.20: preferred, colored
Changes since revision 1.20: +5 -5 lines
- &os; 4 -> &os; 4.X - put <application></application> around Syslogd - move dot out from quotes - explain "can be considered short" in comment (can be useful later) - restart -> reload for re-reading syslog.conf
Revision 1.20: download - view: text, markup, annotated - select for diffs
Thu Jan 27 15:27:49 2005 UTC (7 years ago) by keramida
Branches: MAIN
Diff to: previous 1.19: preferred, colored
Changes since revision 1.19: +8 -3 lines
Tweak a bit the wording about the versions of FreeBSD that support the pf(9) firewall. PR: docs/76750 Submitted by: Brad Davis <so14k@so14k.com> Reviewed by: mlaier
Revision 1.19: download - view: text, markup, annotated - select for diffs
Sun Jan 23 21:05:58 2005 UTC (7 years ago) by keramida
Branches: MAIN
Diff to: previous 1.18: preferred, colored
Changes since revision 1.18: +14 -16 lines
Various punctuation fixes. PR: docs/76600 Submitted by: Brad Davis <so14k@so14k.com>
Revision 1.18: download - view: text, markup, annotated - select for diffs
Fri Jan 21 14:33:01 2005 UTC (7 years ago) by keramida
Branches: MAIN
Diff to: previous 1.17: preferred, colored
Changes since revision 1.17: +38 -36 lines
+ Many punctuation and wording fixes: - Whitespace before punctuation was removed. - Numbers below 10 are spelled out as words. - Reworded some sentences and added missing words. + Added a note about periodically flushing firewall rules to make sure one is not locked out while tinkering with rulesets. PR: docs/76533 Submitted by: Brad Davis <so14k@so14k.com>
Revision 1.17: download - view: text, markup, annotated - select for diffs
Fri Jan 21 10:21:20 2005 UTC (7 years ago) by roam
Branches: MAIN
Diff to: previous 1.16: preferred, colored
Changes since revision 1.16: +4 -4 lines
In the spirit of the previous Block -> block change, syslog levels are usually spelled in lowercase, so change Local0 -> local0, too.
Revision 1.16: download - view: text, markup, annotated - select for diffs
Fri Jan 21 10:07:16 2005 UTC (7 years ago) by blackend
Branches: MAIN
Diff to: previous 1.15: preferred, colored
Changes since revision 1.15: +1 -1 lines
Typo. PR: docs/76521 Submitted by: Brad Davis <so14k@so14k.com>
Revision 1.15: download - view: text, markup, annotated - select for diffs
Wed Jan 12 01:55:04 2005 UTC (7 years, 1 month ago) by mheinen
Branches: MAIN
CVS tags: RELEASE_4_11_0
Diff to: previous 1.14: preferred, colored
Changes since revision 1.14: +4 -4 lines
Add/repair closing tags. Submitted by: doclint
Revision 1.14: download - view: text, markup, annotated - select for diffs
Sat Jan 1 17:53:33 2005 UTC (7 years, 1 month ago) by ceri
Branches: MAIN
Diff to: previous 1.13: preferred, colored
Changes since revision 1.13: +4 -1 lines
Clarify some dates regarding the integration of PF into FreeBSD. Confusion noted in: PR: docs/75694 Submitted by: Marian Cerny <jojo at matfyz dot cz>
Revision 1.13: download - view: text, markup, annotated - select for diffs
Sat Jan 1 13:18:52 2005 UTC (7 years, 1 month ago) by ceri
Branches: MAIN
Diff to: previous 1.12: preferred, colored
Changes since revision 1.12: +1 -1 lines
Kill one last instance of "NIC card".
Revision 1.12: download - view: text, markup, annotated - select for diffs
Sat Jan 1 13:15:48 2005 UTC (7 years, 1 month ago) by ceri
Branches: MAIN
Diff to: previous 1.11: preferred, colored
Changes since revision 1.11: +207 -198 lines
Apply various grammar, capitalisation and other fixes from the PR below, along with some others that I noticed while reviewing the patch. PR: docs/75422 Submitted by: Matteo Riondato <rionda at gufi dot org>
Revision 1.11: download - view: text, markup, annotated - select for diffs
Wed Dec 22 07:51:45 2004 UTC (7 years, 1 month ago) by keramida
Branches: MAIN
Diff to: previous 1.10: preferred, colored
Changes since revision 1.10: +2 -2 lines
Clean up a bit the description of `device pf'. Noticed by: Matteo Riondato <rionda@gufi.org>
Revision 1.10: download - view: text, markup, annotated - select for diffs
Thu Dec 16 22:45:35 2004 UTC (7 years, 1 month ago) by simon
Branches: MAIN
Diff to: previous 1.9: preferred, colored
Changes since revision 1.9: +34 -55 lines
Miscellaneous improvements of the first two sections: - Don't state that firewalls and stateful filtering will always improve security, since that might not be the case. - Change the Firewall Rulesets section to a more general Firewall Concepts section. - Remove some basic network text which the user should already know when reading about more advanced topics, like firewalls. - Miscellaneous rewording. Reviewed by: -doc Improvments by: remko, David Adam <zanchey@ucc.gu.uwa.edu.au>
Revision 1.9: download - view: text, markup, annotated - select for diffs
Wed Dec 15 15:08:34 2004 UTC (7 years, 1 month ago) by den
Branches: MAIN
Diff to: previous 1.8: preferred, colored
Changes since revision 1.8: +14 -12 lines
Add few "option", "command", and "filename" tags Huge amount of tags in this chapter still missed
Revision 1.8: download - view: text, markup, annotated - select for diffs
Mon Dec 13 22:37:36 2004 UTC (7 years, 2 months ago) by remko
Branches: MAIN
Diff to: previous 1.7: preferred, colored
Changes since revision 1.7: +5 -5 lines
Insert information about PF in the Firewall Software Applications section. Approved by: simon (mentor)
Revision 1.7: download - view: text, markup, annotated - select for diffs
Sun Dec 12 23:21:03 2004 UTC (7 years, 2 months ago) by simon
Branches: MAIN
Diff to: previous 1.6: preferred, colored
Changes since revision 1.6: +11 -11 lines
- Remove contractions. - Use the serial comma. - Correct spelling. PR: docs/74720 Submitted by: Joel Dahl <joel@automatvapen.se>
Revision 1.6: download - view: text, markup, annotated - select for diffs
Sun Dec 12 20:01:06 2004 UTC (7 years, 2 months ago) by remko
Branches: MAIN
Diff to: previous 1.5: preferred, colored
Changes since revision 1.5: +0 -0 lines
Forced commit to clarify the last commit message: Add the emacs footer for the firewalls chapter. Approved by: simon (mentor)
Revision 1.5: download - view: text, markup, annotated - select for diffs
Sun Dec 12 19:47:55 2004 UTC (7 years, 2 months ago) by remko
Branches: MAIN
Diff to: previous 1.4: preferred, colored
Changes since revision 1.4: +11 -0 lines
Add the emacs for the firewalls chapter. Approved by: simon (mentor)
Revision 1.4: download - view: text, markup, annotated - select for diffs
Wed Dec 8 14:20:02 2004 UTC (7 years, 2 months ago) by den
Branches: MAIN
Diff to: previous 1.3: preferred, colored
Changes since revision 1.3: +3 -2 lines
Point to NOTES kernel source sample by default and to LINT for 4.X
Revision 1.3: download - view: text, markup, annotated - select for diffs
Wed Dec 8 13:51:41 2004 UTC (7 years, 2 months ago) by den
Branches: MAIN
Diff to: previous 1.2: preferred, colored
Changes since revision 1.2: +1 -1 lines
Capitalize letter
Revision 1.2: download - view: text, markup, annotated - select for diffs
Mon Dec 6 21:25:32 2004 UTC (7 years, 2 months ago) by mlaier
Branches: MAIN
Diff to: previous 1.1: preferred, colored
Changes since revision 1.1: +1 -1 lines
Bring the title for the PF section in line with the other two. Approved by: trhodes
Revision 1.1: download - view: text, markup, annotated - select for diffs
Sun Dec 5 00:14:21 2004 UTC (7 years, 2 months ago) by murray
Branches: MAIN
Remove the bulging firewalls section from the security chapter into a new chapter all its own, currently in the 'network communications' part as chapter 24. Add a small paragraph at the bottom of the security chapter synopsis noting that additional security topics are covered in the MAC chapter and the Firewall chapter. While here add some missing punctuation, cleanup the whitespace, add missing </para> tags, add a synopsis, and of course s/<sectN/<sectN-1/.