diff --git a/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml b/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml
index af77944824..eab5a8db5f 100644
--- a/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml
+++ b/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml
@@ -2124,11 +2124,6 @@ pass in quick on rl0 proto tcp from any to any port = 20 flags S keep stateIPFW
-
- This section is work in progress. The contents might
- not be accurate at all times.
-
-
The IPFIREWALL (IPFW) is a &os; sponsored firewall software
application authored and maintained by &os; volunteer staff
members. It uses the legacy stateless rules and a legacy rule
@@ -2136,7 +2131,8 @@ pass in quick on rl0 proto tcp from any to any port = 20 flags S keep state
The IPFW sample rule set (found in
- /etc/rc.firewall) in the standard &os;
+ /etc/rc.firewall and
+ /etc/rc.firewall6) in the standard &os;
install is rather simple and it is not expected that it used
directly without modifications. The example does not use
stateful filtering, which is beneficial in most setups, so it
@@ -2159,7 +2155,8 @@ pass in quick on rl0 proto tcp from any to any port = 20 flags S keep stateNAT facility, and the
advanced special purpose facilities, the dummynet traffic shaper
facilities, the 'fwd rule' forward facility, the bridge
- facility, and the ipstealth facility.
+ facility, and the ipstealth facility. IPFW supports both IPv4
+ and IPv6.
Enabling IPFW
@@ -2256,15 +2253,6 @@ net.inet.ip.fw.verbose_limit=5
firewall by default, which is a good idea when you are first
setting up your firewall.
- options IPV6FIREWALL
-options IPV6FIREWALL_VERBOSE
-options IPV6FIREWALL_VERBOSE_LIMIT
-options IPV6FIREWALL_DEFAULT_TO_ACCEPT
-
- These options are exactly the same as the IPv4 options but
- they are for IPv6. If you do not use IPv6 you might want to
- use IPV6FIREWALL without any rules to block all IPv6
-
kernel options