os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

- Add some missing tags and entities

Browse source 
- Some rewordings
This commit is contained in:
Marc Fonvieille 2004-11-20 22:03:55 +00:00
parent 01ce6c4c72
commit c80e894ad4
Notes: svn2git 2020-12-08 03:00:23 +00:00 
svn path=/head/; revision=22997
1 changed files with 8 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
en_US.ISO8859-1/books/handbook/security/chapter.sgml
View file

@ -3725,11 +3725,11 @@ sh /etc/ipf.rules.script</programlisting>
<sect3> <sect3>
<title>Rule Syntax</title> <title>Rule Syntax</title>
<para>The rule syntax presented here has been simplified to only <para>The rule syntax presented here has been simplified to only
address the modern stateful rule context and 'first matching address the modern stateful rule context and <quote>first matching
rule wins' logic. For the complete legacy rule syntax rule wins</quote> logic. For the complete legacy rule syntax
description see the online ipf manual page at &man.ipf.8;</para> description see the &man.ipf.8; manual page.</para>
<para># is used to mark the start of a comment and may appear at <para><literal>#</literal> is used to mark the start of a comment and may appear at
the end of a rule line or on its own lines. Blank lines are the end of a rule line or on its own lines. Blank lines are
ignored.</para> ignored.</para>
@ -4376,15 +4376,14 @@ block in log first quick on dc0 all
<para>The rule syntax presented here has been simplified to <para>The rule syntax presented here has been simplified to
what is most commonly used in a non-commercial environment. what is most commonly used in a non-commercial environment.
For a complete rule syntax description see the ipf manual page For a complete rule syntax description see the &man.ipnat.5; manual page.</para>
at &man.ipnat.5;.</para>
<para>The syntax for a <acronym>NAT</acronym> rule looks something like this: <para>The syntax for a <acronym>NAT</acronym> rule looks something like this:
</para> </para>
<programlisting>map <replaceable>IF</replaceable> <replaceable>LAN_IP_RANGE</replaceable> -> <replaceable>PUBLIC_ADDRESS</replaceable></programlisting> <programlisting>map <replaceable>IF</replaceable> <replaceable>LAN_IP_RANGE</replaceable> -> <replaceable>PUBLIC_ADDRESS</replaceable></programlisting>
<para>The keyword `map' starts the rule.</para> <para>The keyword <literal>map</literal> starts the rule.</para>
<para>Replace <replaceable>IF</replaceable> with the external <para>Replace <replaceable>IF</replaceable> with the external
interface.</para> interface.</para>
@ -4840,7 +4839,7 @@ options IPV6FIREWALL_DEFAULT_TO_ACCEPT</programlisting>
<para>The rule syntax presented here has been simplified to <para>The rule syntax presented here has been simplified to
what is necessary to create a standard inclusive type what is necessary to create a standard inclusive type
firewall rule set. For a complete rule syntax description firewall rule set. For a complete rule syntax description
see the online &man.ipfw.8; manual page.</para> see the &man.ipfw.8; manual page.</para>
<para>Rules contain keywords, These keywords have to be coded <para>Rules contain keywords, These keywords have to be coded
in a specific order from left to right on the line. Keywords in a specific order from left to right on the line. Keywords
@ -4848,7 +4847,7 @@ options IPV6FIREWALL_DEFAULT_TO_ACCEPT</programlisting>
which may be keywords them selves and also include more which may be keywords them selves and also include more
sub-options.</para> sub-options.</para>
<para># is used to mark the start of a comment and may appear <para><literal>#</literal> is used to mark the start of a comment and may appear
at the end of a rule line or on its own lines. Blank lines at the end of a rule line or on its own lines. Blank lines
are ignored.</para> are ignored.</para>