From 64579782ad76eb58ccb12a643b935272a1f5a2b2 Mon Sep 17 00:00:00 2001 From: Daniel Gerzo Date: Wed, 24 Dec 2008 01:33:40 +0000 Subject: [PATCH] - remove WIP note from the IPFW section, I don't think it belongs there, all documentation is actually WIP... - add a note that IPFW now supports both IPv4 and IPv6 - remove now obsoleted IPV6FIREWALL* options (see http://lists.freebsd.org/pipermail/freebsd-questions/2008-December/189329.html) Inspired by: http://forums.freebsd.org/showthread.php?t=1110 --- .../books/handbook/firewalls/chapter.sgml | 20 ++++--------------- 1 file changed, 4 insertions(+), 16 deletions(-) diff --git a/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml b/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml index af77944824..eab5a8db5f 100644 --- a/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml +++ b/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml @@ -2124,11 +2124,6 @@ pass in quick on rl0 proto tcp from any to any port = 20 flags S keep stateIPFW - - This section is work in progress. The contents might - not be accurate at all times. - - The IPFIREWALL (IPFW) is a &os; sponsored firewall software application authored and maintained by &os; volunteer staff members. It uses the legacy stateless rules and a legacy rule @@ -2136,7 +2131,8 @@ pass in quick on rl0 proto tcp from any to any port = 20 flags S keep state The IPFW sample rule set (found in - /etc/rc.firewall) in the standard &os; + /etc/rc.firewall and + /etc/rc.firewall6) in the standard &os; install is rather simple and it is not expected that it used directly without modifications. The example does not use stateful filtering, which is beneficial in most setups, so it 
@@ -2159,7 +2155,8 @@ pass in quick on rl0 proto tcp from any to any port = 20 flags S keep stateNAT facility, and the advanced special purpose facilities, the dummynet traffic shaper facilities, the 'fwd rule' forward facility, the bridge - facility, and the ipstealth facility. + facility, and the ipstealth facility. IPFW supports both IPv4 + and IPv6. Enabling IPFW @@ -2256,15 +2253,6 @@ net.inet.ip.fw.verbose_limit=5 firewall by default, which is a good idea when you are first setting up your firewall. - options IPV6FIREWALL -options IPV6FIREWALL_VERBOSE -options IPV6FIREWALL_VERBOSE_LIMIT -options IPV6FIREWALL_DEFAULT_TO_ACCEPT - - These options are exactly the same as the IPv4 options but - they are for IPv6. If you do not use IPv6 you might want to - use IPV6FIREWALL without any rules to block all IPv6 - kernel options
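Review bot: In the hunk at @@ -2136,7 +2131,8 @@, the sentence now names two files, /etc/rc.firewall and /etc/rc.firewall6, but the surrounding text is still singular ("The IPFW sample rule set ... is rather simple", "The example does not use stateful filtering"), so it is unclear whether both files are meant. Suggest making the sentence plural and saying what the second file is for, since the paragraph never explains it. While this paragraph is being touched, the unchanged line "it is not expected that it used directly" is missing "be".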
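Review bot: In the hunk at @@ -2159,7 +2155,8 @@, the added sentence "IPFW supports both IPv4 and IPv6." drops the "now" used in the commit message and is appended to the end of the facilities list. A reader on an older release, where the IPV6FIREWALL* options removed later in this patch were still required, gets no hint that the statement depends on the version. Suggest naming the release from which it holds, and giving the sentence its own paragraph or moving it to the section introduction so it is not read as one more facility.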
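Review bot: In the hunk at @@ -2256,15 +2253,6 @@, deleting the IPV6FIREWALL* block also deletes the only advice for hosts that do not use IPv6 ("use IPV6FIREWALL without any rules to block all IPv6"), and nothing replaces it. Suggest adding a sentence that states whether the remaining kernel options (the verbose limit and the default behaviour described in the context lines) now govern IPv6 traffic as well, and how to block IPv6 when it is unused, so readers do not assume IPv6 is still filtered by a separate set of options.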