Insert information about PF in the Firewall Software Applications

section.

Approved by:		simon (mentor)

en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml

@@ -158,15 +158,15 @@
   <sect1 id="firewalls-apps">
     <title>Firewall Software Applications</title>
 
-    <para>&os; has two different firewall software products built into
-      the base system. They are IPFILTER (i.e. also known as IPF) and
-      IPFIREWALL (i.e. also known as IPFW). IPFIREWALL has the built
+    <para>&os; has three different firewall software products built into
+      the base system. They are IPFILTER (also known as IPF),
+      IPFIREWALL (also known as IPFW) and PF (OpenBSD's PacketFilter).  IPFIREWALL has the built
       in DUMMYNET traffic shaper facilities for controlling bandwidth
       usage. IPFILTER does not have a built in traffic shaper facility
       for controlling bandwidth usage, but the ALTQ port application
       can be used to accomplish the same function.  The DUMMYNET
       feature and <acronym>ALTQ</acronym> is generally useful only to
-      large ISPs or commercial users. Both IPF and IPFW use rules to
+      large ISPs or commercial users.  IPF, IPFW and PF use rules to
       control the access of packets to and from your system, although
       they go about it different ways and have different rule
       syntaxes.</para>
@@ -185,7 +185,7 @@
       abilities capable of defending against the flood of different
       methods currently employed by attackers.</para>
 
-    <para>Both of these firewall software solutions IPF and IPFW still
+    <para>All of these firewall software solutions IPF, IPFW and PF still
       maintain their legacy heritage of their original rule processing
       order and reliance on non-stateful rules. These outdated
       concepts are not covered here, only the new, modern stateful