git: c39dda81923a - main - rc.conf(5): Document the 'workstation' firewall_type

[Daniel Ebdrup Jensen]

The branch main has been updated by debdrup (doc committer):

URL: https://cgit.FreeBSD.org/src/commit/?id=c39dda81923a26116241fbe996351133c86ad97a

commit c39dda81923a26116241fbe996351133c86ad97a
Author:     Tobias Rehbein <tobias.rehbein at web.de>
AuthorDate: 2021-03-18 17:01:09 +0000
Commit:     Daniel Ebdrup Jensen <debdrup at FreeBSD.org>
CommitDate: 2021-03-18 17:39:24 +0000

    rc.conf(5): Document the 'workstation' firewall_type
    
    Document the workstation ACL ruleset, which uses stateful rules.
    
    While here, add a note about where some of the undocumented variables
    can be found. This is not a perfect solution for bug 127359, but it at
    at least gives a place to go look, and can be used as a reference for
    when bug 127359 gets fixed properly.
    
    PR:             254358, 127359
---
 share/man/man5/rc.conf.5 | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/share/man/man5/rc.conf.5 b/share/man/man5/rc.conf.5
index fef0f167d1a5..ddf4ea120df5 100644
--- a/share/man/man5/rc.conf.5
+++ b/share/man/man5/rc.conf.5
@@ -539,7 +539,7 @@ Valid selections from
 .Pa /etc/rc.firewall
 are:
 .Pp
-.Bl -tag -width ".Li simple" -compact
+.Bl -tag -width ".Li workstation" -compact
 .It Li open
 unrestricted IP access
 .It Li closed
@@ -547,12 +547,18 @@ all IP services disabled, except via
 .Dq Li lo0
 .It Li client
 basic protection for a workstation
+.It Li workstation
+basic protection for a workstation using stateful firewalling
 .It Li simple
 basic protection for a LAN.
 .El
 .Pp
 If a filename is specified, the full path
 must be given.
+.Pp
+Most of the predefined rulesets define additional configuration variables.
+These are documented in
+.Pa /etc/rc.firewall .
 .It Va firewall_quiet
 .Pq Vt bool
 Set to