Add a small note about using a sysctl instead of recompiling the

kernel. PR: 31976 Submitted by: Marc Silver <marcs@riffraff.plig.net>
svn path=/head/; revision=11205
2001-11-14 16:01:35 +00:00 · 2001-11-14 16:01:35 +00:00 · a8a2275f0d · 2020-12-08 03:00:23 +00:00
commit a8a2275f0d
parent a15f897fee
1 changed files with 4 additions and 2 deletions
--- a/en_US.ISO8859-1/articles/dialup-firewall/article.sgml
+++ b/en_US.ISO8859-1/articles/dialup-firewall/article.sgml
@ -213,7 +213,7 @@ $fwcmd add allow tcp from any to any out xmit tun0 setup
 $fwcmd add allow tcp from any to any via tun0 established

 # Everyone on the internet is allowed to connect to the following
-# services on the machine.  This example shows that people may connect
+# services on the machine.  This example specifically allows connections
 # to ssh and apache.
 $fwcmd add allow tcp from any to any 80 setup
 $fwcmd add allow tcp from any to any 22 setup
@ -284,7 +284,9 @@ $fwcmd add 65435 deny log ip from any to any</programlisting>
            command.  Alternatively, you may increase the log limit in
            your kernel configuration with the
            <option>IPFIREWALL_VERBOSE_LIMIT</option> option as
-            described above.</para>
+            described above.  You may also change this limit (without
+	    recompiling your kernel and having to reboot) by using the
+	    net.inet.ip.fw.verbose_limit &man.sysctl.8; value.</para>
        </answer>
      </qandaentry>