Spelling, grammar, and markup fixes.
PR: 28767 Submitted by: Giorgos Keramidas <keramida@ceid.upatras.gr>
This commit is contained in:
Dima Dorfman
parent
6ef8ab4907
commit
b5284499e3
Notes:
svn2git
2020-12-08 03:00:23 +00:00
svn path=/head/; revision=9801
1 changed files with 10 additions and 9 deletions
|
|
@ -1,7 +1,7 @@
|
|||
<!--
|
||||
The FreeBSD Documentation Project
|
||||
|
||||
$FreeBSD: doc/en_US.ISO8859-1/articles/dialup-firewall/article.sgml,v 1.7 2001/04/17 15:53:37 nik Exp $
|
||||
$FreeBSD: doc/en_US.ISO8859-1/articles/dialup-firewall/article.sgml,v 1.8 2001/06/24 21:01:53 dd Exp $
|
||||
-->
|
||||
|
||||
<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook V4.1-Based Extension//EN" [
|
||||
|
|
@ -24,7 +24,7 @@
|
|||
</author>
|
||||
</authorgroup>
|
||||
|
||||
<pubdate>$Date: 2001-06-24 21:01:53 $</pubdate>
|
||||
<pubdate>$Date: 2001-07-06 12:50:08 $</pubdate>
|
||||
|
||||
<abstract>
|
||||
<para>This article documents how to setup a firewall using a PPP
|
||||
|
|
@ -176,7 +176,7 @@ ppp_profile="<replaceable>profile</replaceable>"</programlisting>
|
|||
|
||||
<para>We're nearly done now. All that remains now is to define the
|
||||
firewall rules and then we can reboot and the firewall should be up and
|
||||
running. I realise that everyone will want something slightly different
|
||||
running. I realize that everyone will want something slightly different
|
||||
when it comes to their rulebase. What I've tried to do is write a
|
||||
rulebase that suits most dialup users. You can obviously modify it to
|
||||
your needs by simply using the following rules as the foundation for
|
||||
|
|
@ -187,9 +187,10 @@ ppp_profile="<replaceable>profile</replaceable>"</programlisting>
|
|||
rules for your allows, and then everything else is denied. :)</para>
|
||||
|
||||
<para>Now, let's make the dir /etc/firewall. Change into the directory and
|
||||
edit the file fwrules as we specified in rc.conf. Please note that you
|
||||
can change this filename to be anything you wish. This guide just gives
|
||||
an example of a filename. </para>
|
||||
edit the file <filename>fwrules</filename> as we specified in
|
||||
<filename>rc.conf</filename>. Please note that you can change this
|
||||
filename to be anything you wish. This guide just gives an example of a
|
||||
filename. </para>
|
||||
|
||||
<para>Now, let's look at a sample firewall file, and we'll detail
|
||||
everything in it. </para>
|
||||
|
|
@ -263,8 +264,8 @@ $fwcmd add 65435 deny log ip from any to any</programlisting>
|
|||
|
||||
<answer>
|
||||
<para>I'll have to be honest and say there's no definitive reason
|
||||
why I use ipfw and natd instead of the built in ppp filters. From
|
||||
the discussions I've had with people the consensus seems to be
|
||||
why I use ipfw and natd instead of the built in ppp filters. From
|
||||
the discussions I've had with people the consensus seems to be
|
||||
that while ipfw is certainly more powerful and more configurable
|
||||
than the ppp filters, what it makes up for in functionality it
|
||||
loses in being easy to customise. One of the reasons I use it is
|
||||
|
|
@ -276,7 +277,7 @@ $fwcmd add 65435 deny log ip from any to any</programlisting>
|
|||
<qandaentry>
|
||||
<question>
|
||||
<para>If I'm using private addresses internally, such as in the
|
||||
192.168.0.0 range, Could I add a command like <literal>$fwcmd add
|
||||
192.168.0.0 range, could I add a command like <literal>$fwcmd add
|
||||
deny all from any to 192.168.0.0:255.255.0.0 via tun0</literal>
|
||||
to the firewall rules to prevent outside attempts to connect to
|
||||
internal machines?</para>
|
||||
|
|
|
|||
Loading…
Reference in a new issue