IPFW uses 'deny' (or 'drop') instead of 'block'.

Fix two examples and slightly rephrase the description for clarity. Submitted by: Nikos Isaris <nakaliptos at gmail dot com>
svn path=/head/; revision=34667
2009-09-01 13:41:42 +00:00 · 2009-09-01 13:41:42 +00:00 · ed49451c6a · 2020-12-08 03:00:23 +00:00
commit ed49451c6a
parent 51dd56001a
1 changed files with 7 additions and 6 deletions
--- a/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml
+++ b/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml
@ -2281,11 +2281,12 @@ net.inet.ip.fw.verbose_limit=5</programlisting>
 	rules for <application>ipfw</application> firewall.  One is
 	by setting <literal>firewall_type</literal> variable to absolute
 	path of file, which contains <emphasis>firewall rules</emphasis>
-	without any command-line options for &man.ipfw.8; itself.  A
-	simple example of ruleset file can be following:</para>
+	without any command-line options for &man.ipfw.8; itself.
+	The following is a simple example of a ruleset file that blocks
+	all incoming and outgoing traffic:</para>

-     <programlisting>add block in  all
-add block out all</programlisting>
+     <programlisting>add deny in
+add deny out</programlisting>

     <para>On the other hand, it is possible to set the
 	<literal>firewall_script</literal> variable to the absolute path of an
@ -2298,8 +2299,8 @@ add block out all</programlisting>

 ipfw -q flush

-ipfw add block in  all
-ipfw add block out all</programlisting>
+ipfw add deny in
+ipfw add deny out</programlisting>

      <note>
 	<para>If <literal>firewall_type</literal> is set to either