- Changed <application>IPFW</application> to just IPFW since we're

talking about the kernel functionality and not the command itself. Instances of "IPFW" in the handbook will be references to the kernel functionality, and <application/command>ipfw</> will be in reference to the command itself. - Added note to inform readers that "^D" mean to use control-d, as well as "^C" mean control-c (wrapped in keycaps of course). Reviewed by: chern
svn path=/head/; revision=10693
2001-09-13 22:11:10 +00:00 · 2001-09-13 22:11:10 +00:00 · 8e0a1ea3e8 · 2020-12-08 03:00:23 +00:00
commit 8e0a1ea3e8
parent ae158de562
1 changed files with 21 additions and 11 deletions
--- a/en_US.ISO8859-1/books/handbook/security/chapter.sgml
+++ b/en_US.ISO8859-1/books/handbook/security/chapter.sgml
@ -1,7 +1,7 @@
 <!--
     The FreeBSD Documentation Project
-     $FreeBSD: doc/en_US.ISO8859-1/books/handbook/security/chapter.sgml,v 1.79 2001/09/12 21:51:14 logo Exp $
+     $FreeBSD: doc/en_US.ISO8859-1/books/handbook/security/chapter.sgml,v 1.80 2001/09/13 20:06:28 logo Exp $
 -->
 <chapter id="security">
@ -1798,7 +1798,7 @@ FreeBSD BUILT-19950429 (GR386) #0: Sat Apr 29 17:50:09 SAT 1995</screen>
 	mechanisms.</para>
      <para>FreeBSD comes with a kernel packet filter (known as
-	<application>ipfw</application>), which is what the rest of this
+	IPFW), which is what the rest of this
 	section will concentrate on.  Proxy servers can be built on FreeBSD
 	from third party software, but there is such a variety of proxy
 	servers available that it would be impossible to cover them in this
@ -1869,13 +1869,13 @@ FreeBSD BUILT-19950429 (GR386) #0: Sat Apr 29 17:50:09 SAT 1995</screen>
      <title>What Does IPFW Allow Me to Do?</title>
      <indexterm><primary><command>ipfw</command></primary></indexterm>
-      <para><command>IPFW</command>, the software supplied with
+      <para>IPFW, the software supplied with
 	FreeBSD, is a packet filtering and accounting system which resides in
 	the kernel, and has a user-land control utility,
 	    &man.ipfw.8;.  Together, they allow you to define and query the
 	rules currently used by the kernel in its routing decisions.</para>
-      <para>There are two related parts to <application>IPFW</application>.
+      <para>There are two related parts to IPFW.
 	The firewall section allows you to perform packet filtering.  There is
 	also an IP accounting section which allows you to track usage of your
 	router, based on similar rules to the firewall section.  This allows
@ -1883,11 +1883,11 @@ FreeBSD BUILT-19950429 (GR386) #0: Sat Apr 29 17:50:09 SAT 1995</screen>
 	a certain machine, or how much WWW (World Wide Web) traffic it is
 	forwarding.</para>
-      <para>As a result of the way that <application>IPFW</application> is
+      <para>As a result of the way that IPFW is
-	designed, you can use <application>IPFW</application> on non-router
+	designed, you can use IPFW on non-router
 	machines to perform packet filtering on incoming and outgoing
 	connections.  This is a special case of the more general use of
-	<application>IPFW</application>, and the same commands and techniques
+	IPFW, and the same commands and techniques
 	should be used in this situation.</para>
    </sect2>
@ -1898,7 +1898,7 @@ FreeBSD BUILT-19950429 (GR386) #0: Sat Apr 29 17:50:09 SAT 1995</screen>
        <secondary>enabling</secondary>
      </indexterm>
-      <para>As the main part of the <application>IPFW</application> system
+      <para>As the main part of the IPFW system
 	lives in the kernel, you will need to add one or more options to your
 	kernel configuration file, depending on what facilities you want, and
 	recompile your kernel.  See <link linkend="kernelconfig">reconfiguring
@ -1965,7 +1965,7 @@ FreeBSD BUILT-19950429 (GR386) #0: Sat Apr 29 17:50:09 SAT 1995</screen>
        <secondary>configuring</secondary>
      </indexterm>
-      <para>The configuration of the <application>IPFW</application> software
+      <para>The configuration of the IPFW software
 	is done through the &man.ipfw.8; utility.  The syntax for this
 	command looks quite complicated, but it is relatively simple once you
 	understand its structure.</para>
@ -2031,7 +2031,7 @@ FreeBSD BUILT-19950429 (GR386) #0: Sat Apr 29 17:50:09 SAT 1995</screen>
 	  </varlistentry>
 	</variablelist>
-	<para>Previous versions of <application>IPFW</application> used
+	<para>Previous versions of IPFW used
 	  separate firewall and accounting entries.  The present version
 	  provides packet accounting with each firewall entry.</para>
@ -2366,7 +2366,7 @@ FreeBSD BUILT-19950429 (GR386) #0: Sat Apr 29 17:50:09 SAT 1995</screen>
    </sect2>
    <sect2>
-      <title>Example Commands for ipfw</title>
+      <title>Example Commands for <application>ipfw</application></title>
      <para>This command will deny all packets from the host <hostid
 	  role="fqdn">evil.crackers.org</hostid> to the telnet port of the
@ -2565,6 +2565,16 @@ FreeBSD BUILT-19950429 (GR386) #0: Sat Apr 29 17:50:09 SAT 1995</screen>
      <secondary>IPsec</secondary>
    </indexterm>
    <note>
      <title>Terminating Characters</title>
      <para>Throughout examples in this section, and other sections,
 	you will notice that there is a <quote>^D</quote> at the end
 	of some examples. This means to hold down the <keycap>Control</keycap>
 	key and hit the <keycap>D</keycap> key. Another commonly used
 	character is <quote>^C</quote>, which respectively means to hold
 	down <keycap>Control</keycap> and press <keycap>C</keycap>.</para>
    </note>
    <para>The IPsec mechanism provides secure communication for IP
    layer and socket layer communication.  This section should
    explain how to use them.  For implementation details, please