os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Add warning to describe relation between rc.conf firewall_logging variable and

Browse source 
sysctl net.ip.fw.verbose variable; suggest to set net.inet.ip.fw.verbose_limit
variable via sysctl.conf (it is impossible to set it via rc.conf variables).

Discussed with (and my English fixed by):	trhodes
This commit is contained in:
Denis Peplin 2005-03-04 08:04:06 +00:00
parent 52f281eed3
commit 8a02bc7059
Notes: svn2git 2020-12-08 03:00:23 +00:00 
svn path=/head/; revision=23988
1 changed files with 13 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

13
en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml
View file

@ -2163,6 +2163,19 @@ options IPV6FIREWALL_DEFAULT_TO_ACCEPT</programlisting>
<para>Enable logging:</para>
<programlisting>firewall_logging="YES"</programlisting>
<warning>
<para>The only thing that the <varname>firewall_logging</varname>
variable will do is setting the
<varname>net.inet.ip.fw.verbose</varname> sysctl variable to
the value of <literal>1</literal> (see
<xref linkend="firewalls-ipfw-enable">). There is no
<filename>rc.conf</filename> variable to set log limitations,
but it can be set via sysctl variable, manually or
from the <filename>/etc/sysctl.conf</filename> file:</para>
<programlisting>net.inet.ip.fw.verbose_limit=5</programlisting>
</warning>
</sect2>
<sect2 id="firewalls-ipfw-cmd">