From a8a2275f0db0085baf52ac9ca75097abd9e3a929 Mon Sep 17 00:00:00 2001 From: Murray Stokely Date: Wed, 14 Nov 2001 16:01:35 +0000 Subject: [PATCH] Add a small note about using a sysctl instead of recompiling the kernel. PR: 31976 Submitted by: Marc Silver --- en_US.ISO8859-1/articles/dialup-firewall/article.sgml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/en_US.ISO8859-1/articles/dialup-firewall/article.sgml b/en_US.ISO8859-1/articles/dialup-firewall/article.sgml index 5dfcfaf891..a84482f46c 100644 --- a/en_US.ISO8859-1/articles/dialup-firewall/article.sgml +++ b/en_US.ISO8859-1/articles/dialup-firewall/article.sgml @@ -213,7 +213,7 @@ $fwcmd add allow tcp from any to any out xmit tun0 setup $fwcmd add allow tcp from any to any via tun0 established # Everyone on the internet is allowed to connect to the following -# services on the machine. This example shows that people may connect +# services on the machine. This example specifically allows connections # to ssh and apache. $fwcmd add allow tcp from any to any 80 setup $fwcmd add allow tcp from any to any 22 setup @@ -284,7 +284,9 @@ $fwcmd add 65435 deny log ip from any to any command. Alternatively, you may increase the log limit in your kernel configuration with the option as - described above. + described above. You may also change this limit (without + recompiling your kernel and having to reboot) by using the + net.inet.ip.fw.verbose_limit &man.sysctl.8; value.