Handbook/Firewalls: correct the network devices in the NAT example

PR: 232042 Submitted by: Samy Mahmoudi <samy dot mahmoudi at gmail dot com> Reviewed by: bcr Approved by: bcr Differential Revision: https://reviews.freebsd.org/D25652
svn path=/head/; revision=54389
2020-08-01 10:48:28 +00:00 · 2020-08-01 10:48:28 +00:00 · 5872491278 · 2020-12-08 03:00:23 +00:00
commit 5872491278
parent 5fa0ce657b
1 changed files with 5 additions and 5 deletions
--- a/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml
+++ b/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml
@ -630,8 +630,8 @@ pass proto udp to any port $udp_services keep state</programlisting>
 	  running <application>PF</application> to act as a gateway
 	  for at least one other machine.  The gateway needs at least
 	  two network interfaces, each connected to a separate
-	  network.  In this example, <filename>xl1</filename> is
-	  connected to the Internet and <filename>xl0</filename> is
+	  network.  In this example, <filename>xl0</filename> is
+	  connected to the Internet and <filename>xl1</filename> is
 	  connected to the internal network.</para>

 	<para>First, enable the gateway to let the machine
@ -657,9 +657,9 @@ pass proto udp to any port $udp_services keep state</programlisting>

 	<para>Next, create the <application>PF</application> rules to
 	  allow the gateway to pass traffic.  While the following rule
-	  allows stateful traffic to pass from the Internet  to hosts
-	  on the network, the <literal>to</literal> keyword does not
-	  guarantee passage all the way from source to
+	  allows stateful traffic from hosts of the internal network
+	  to pass to the gateway, the <literal>to</literal> keyword
+	  does not guarantee passage all the way from source to
 	  destination:</para>

 	<programlisting>pass in on xl1 from xl1:network to xl0:network port $ports keep state</programlisting>