Fix several minor grammatical and spelling errors,
changes several <programlisting> and <command> sections to <screen>, <literal> and <userinput> where required PR: docs/77370 (slightly modified) Submitted by: David Adam <zanchey@ucc.gu.uwa.edu.au>
This commit is contained in:
Denis Peplin
parent
31a9955496
commit
12a71f864c
Notes:
svn2git
2020-12-08 03:00:23 +00:00
svn path=/head/; revision=23765
1 changed files with 15 additions and 16 deletions
|
|
@ -822,12 +822,11 @@ LOG_ERR - packets which have been logged and which can be considered short</scre
|
|||
|
||||
<para>Symbolic fields do not have the $ prefix.</para>
|
||||
|
||||
<para>The value to populate the Symbolic field must be enclosed
|
||||
with "double quotes".</para>
|
||||
<para>The value to populate the symbolic field must be enclosed
|
||||
with double quotes (<literal>"</literal>).</para>
|
||||
|
||||
<para>Start your rule file with something like this:</para>
|
||||
|
||||
|
||||
<programlisting>############# Start of IPF rules script ########################
|
||||
|
||||
oif="dc0" # name of the outbound interface
|
||||
|
|
@ -836,7 +835,7 @@ myip="192.0.2.7" # my static IP address from ISP
|
|||
ks="keep state"
|
||||
fks="flags S keep state"
|
||||
|
||||
# You can chose between building /etc/ipf.rules file
|
||||
# You can choose between building /etc/ipf.rules file
|
||||
# from this script or running this script "as is".
|
||||
#
|
||||
# Uncomment only one line and comment out another.
|
||||
|
|
@ -860,25 +859,25 @@ EOF
|
|||
################## End of IPF rules script ########################</programlisting>
|
||||
|
||||
<para>That is all there is to it. The rules are not important in
|
||||
this example; how the Symbolic substitution field are populated
|
||||
this example; how the symbolic substitution fields are populated
|
||||
and used are. If the above example was in a file named <filename>/etc/ipf.rules.script</filename>,
|
||||
you could reload these rules by entering this on the command
|
||||
line:</para>
|
||||
you could reload these rules by entering the following
|
||||
command:</para>
|
||||
|
||||
<programlisting><command>sh /etc/ipf.rules.script</command>
|
||||
</programlisting>
|
||||
<screen>&prompt.root; <userinput>sh /etc/ipf.rules.script</userinput>
|
||||
</screen>
|
||||
|
||||
<para>There is one problem with using a rules file with embedded
|
||||
symbolics. IPF do not understand symbolic substitution, and
|
||||
can not read such scripts directly.</para>
|
||||
symbolics: IPF does not understand symbolic substitution, and
|
||||
cannot read such scripts directly.</para>
|
||||
|
||||
<para>This script can be used in one of two ways:</para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>Uncomment line that begins from <command>cat</command>
|
||||
and comment out line that begins from
|
||||
<filename>/sbin/ipf</filename>. Place
|
||||
<para>Uncomment the line that begins with <literal>cat</literal>,
|
||||
and comment out the line that begins with
|
||||
<literal>/sbin/ipf</literal>. Place
|
||||
<literal>ipfilter_enable="YES"</literal> into
|
||||
<filename>/etc/rc.conf</filename> as usual, and run
|
||||
script once after each modification to create or update
|
||||
|
|
@ -903,11 +902,11 @@ sh /etc/ipf.rules.script</programlisting>
|
|||
<para>The permissions on this script file must be read, write,
|
||||
execute for owner <username>root</username>.</para>
|
||||
|
||||
<programlisting><command>chmod 700 /usr/local/etc/rc.d/ipf.loadrules.sh</command></programlisting>
|
||||
<screen>&prompt.root; <userinput>chmod 700 /usr/local/etc/rc.d/ipf.loadrules.sh</userinput></screen>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<para>Now, when your system boots your IPF rules will be
|
||||
<para>Now, when your system boots, your IPF rules will be
|
||||
loaded.</para>
|
||||
</sect2>
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue