From 01023d99b7a6098feb3363ff1cffdeaa8f9c44fc Mon Sep 17 00:00:00 2001 From: "Danilo G. Baio" Date: Mon, 28 Jan 2019 12:37:45 +0000 Subject: [PATCH] handbook: Improve Firewalls chapter - Fix some dead links and punctuations - pfctl_parser.c was moved to a new location since FreeBSD 10 - Fix a few service commands Issues found when translating this chapter to pt_BR. Reviewed by: bcr Approved by: doc (bcr) Differential Revision: https://reviews.freebsd.org/D18981 --- .../books/handbook/firewalls/chapter.xml | 22 +++++++++---------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml b/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml index abb0da5dfe..47ec23678e 100644 --- a/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml +++ b/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml @@ -173,8 +173,8 @@ and do a port number lookup to find the purpose of a particular port number. - Check out this link for port numbers used by Trojans http://www.sans.org/security-resources/idfaq/oddports.php. + Check out this link for port numbers used by Trojans. FTP has two modes: active mode and passive mode. The difference is in how the data channel is acquired. Passive @@ -606,8 +606,8 @@ options ALTQ_PRIQ # Priority Queuing (PRIQ) More information about the scheduling - algorithms and example rulesets are available at http://www.openbsd.org/faq/pf/queueing.html. + algorithms and example rulesets are available at the OpenBSD's web archive. @@ -831,7 +831,7 @@ pass from { lo0, $localnet } to any keep state flags S/SA keep state A few other pass rules may be needed. This one enables - SSH on the external interface:: + SSH on the external interface: pass in inet proto tcp to $ext_if port ssh @@ -1009,7 +1009,7 @@ pass inet proto icmp from any to $ext_if keep state If other types of ICMP packets are needed, expand icmp_types to a list of those packet types. Type more - /usr/src/contrib/pf/pfctl/pfctl_parser.c to see + /usr/src/sbin/pfctl/pfctl_parser.c to see the list of ICMP message types supported by PF. Refer to http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml @@ -1417,7 +1417,7 @@ rdr pass on $ext_if inet proto tcp from !<spamd-white> to \ When finished, reload the ruleset, start spamd by typing - service start obspamd, and complete + service obspamd start, and complete the configuration using spamd-setup. Finally, create a &man.cron.8; job which calls spamd-setup to update the tables at @@ -1472,8 +1472,8 @@ rdr pass on $ext_if inet proto tcp from !<spamd-white> to \ To complete the greylisting setup: - &prompt.root; service restart obspamd -&prompt.root; service start spamlogd + &prompt.root; service obspamd restart +&prompt.root; service obspamlogd start @@ -2164,7 +2164,7 @@ pif="dc0" # interface name of NIC attached to Internet LAN should be assigned an IP address in the private network space, as defined by RFC + xlink:href="https://www.ietf.org/rfc/rfc1918.txt">RFC 1918, and have the default gateway set to the &man.natd.8; system's internal IP address. @@ -2365,7 +2365,7 @@ good_tcpo="22,25,37,53,80,443,110" configuration file. For further configuration options, consult - &man.natd.8; + &man.natd.8;.