docs/74720: [patch] Handbook: More corrections to the firewall chapter

Joel Dahl joel at automatvapen.se
Sun Dec 5 14:40:23 UTC 2004


>Number:         74720
>Category:       docs
>Synopsis:       [patch] Handbook: More corrections to the firewall chapter
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-doc
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          doc-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Dec 05 14:40:22 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator:     Joel Dahl
>Release:        FreeBSD 5.3-STABLE i386
>Organization:
>Environment:
System: FreeBSD dude.automatvapen.se 5.3-STABLE FreeBSD 5.3-STABLE #1: Sat Nov 13 19:50:36 CET 2004 joel at dude.automatvapen.se:/usr/obj/usr/src/sys/WRK i386


	
>Description:
- Remove contractions.
- Use the serial comma.
- Correct spelling.

This chapter still requires a lot of work.
	
>How-To-Repeat:
	
>Fix:

	

--- firewall2.diff begins here ---
Index: chapter.sgml
===================================================================
RCS file: /home/ncvs/doc/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml,v
retrieving revision 1.1
diff -u -r1.1 chapter.sgml
--- chapter.sgml	5 Dec 2004 00:14:21 -0000	1.1
+++ chapter.sgml	5 Dec 2004 13:46:13 -0000
@@ -39,11 +39,11 @@
       network connections and either allows the traffic through or
       blocks it. The rules of the firewall can inspect one or more
       characteristics of the packets, including but not limited to the
-      protocol type, the source or destination host address and the
+      protocol type, the source or destination host address, and the
       source or destination port.</para>
 
     <para>Firewalls greatly enhance the security of your network, your
-      applications and services. They can be used to do one of more of
+      applications and services. They can be used to do one or more of
       the following things:</para>
 
     <itemizedlist>
@@ -197,7 +197,7 @@
     <para>The author prefers IPFILTER because its stateful rules are
       much less complicated to use in a <acronym>NAT</acronym>
       environment and it has a built in ftp proxy that simplifies the
-      rules to allow secure outbound FTP usage. If is also more
+      rules to allow secure outbound FTP usage. It is also more
       appropriate to the knowledge level of the inexperienced firewall
       user.</para>
 
@@ -566,7 +566,7 @@
          log and adds the log keyword to those rules. Normally only
          deny rules are logged.</para>
 
-       <para>Its very customary to include a default deny everything
+       <para>It is very customary to include a default deny everything
          rule with the log keyword included as your last rule in the
          rule set. This way you get to see all the packets that did not
          match any of the rules in the rule set.</para>
@@ -749,8 +749,8 @@
        <para>That is all there is to it. The rules are not important in
          this example, how the Symbolic substitution field are populated
          and used are. If the above example was in /etc/ipf.rules.script
-         file, you could reload these rules by entering on the command
-         line.</para>
+         file, you could reload these rules by entering this on the command
+         line:</para>
 
        <programlisting><command>sh /etc/ipf.rules.script</command>
          </programlisting>
@@ -948,7 +948,7 @@
            <title>SELECTION</title>
            <para>The keywords described in this section are used to
              describe attributes of the packet to be interrogated when
-             determining whether rules match or don't match. There is a
+             determining whether rules match or not. There is a
              keyword subject, and it has sub-option keywords, one of
              which has to be selected. The following general-purpose
              attributes are provided for matching, and must be used in
@@ -1842,7 +1842,7 @@
 options    IPV6FIREWALL_DEFAULT_TO_ACCEPT</programlisting>
 
       <para>These options are exactly the same as the IPv4 options but
-        they are for IPv6. If you don't use IPv6 you might want to use
+        they are for IPv6. If you do not use IPv6 you might want to use
         IPV6FIREWALL without any rules to block all IPv6</para>
 
       <programlisting>options    IPDIVERT</programlisting>
@@ -1851,7 +1851,7 @@
         functionality.</para>
 
       <note>
-        <para>If you don't include IPFIREWALL_DEFAULT_TO_ACCEPT or set
+        <para>If you do not include IPFIREWALL_DEFAULT_TO_ACCEPT or set
           your rules to allow incoming packets you will block all
           packets going to and from this machine.</para>
       </note>
@@ -2066,7 +2066,7 @@
 
           <para>The keywords described in this section are used to
             describe attributes of the packet to be interrogated when
-            determining whether rules match or don't match the packet.
+            determining whether rules match the packet or not.
             The following general-purpose attributes are provided for
             matching, and must be used in this order:</para>
 
@@ -2276,7 +2276,7 @@
             </programlisting>
 
           <para>The <filename>/etc/ipfw.rules</filename> file could be
-            located any where you want and the file could be named any
+            located anywhere you want and the file could be named any
             thing you would like.</para>
 
           <para>The same thing could also be accomplished by running
--- firewall2.diff ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted:



More information about the freebsd-doc mailing list