docs/77370: [patch] Fix errors in IPF section of firewalls chapter

Fri Feb 11 02:50:05 UTC 2005

>Number:         77370
>Category:       docs
>Synopsis:       [patch] Fix errors in IPF section of firewalls chapter
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-doc
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          doc-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Feb 11 02:50:04 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator:     David Adam
>Release:        FreeBSD 5-STABLE
>Organization:
University Computer Club, UWA
>Environment:
Linux mussel 2.4.27-grsec #1 Wed Aug 18 19:57:12 WST 2004 i686 GNU/Linux
>Description:
Recent commits (http://www.freebsd.org/cgi/cvsweb.cgi/doc/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml.diff?r1=1.26&r2=1.27&f=h) to the IPF section of the firewall chapter have introduced several spelling and grammatical errors, as well as (in my opinion) suboptimal SGML use.
>How-To-Repeat:
http://lists.freebsd.org/pipermail/freebsd-doc/2005-February/007082.html discusses the changes.

The included patch fixes several minor grammatical and spelling errors, and also changes several <programlisting> and <command> sections to <screen>, <literal> and <userinput> where required.
>Fix:
Patch also available at http://zanchey.ucc.asn.au/freebsd/firewalls.chapter.patch

--- firewalls.chapter.sgml.orig	2005-02-11 09:45:29.000000000 +0800
+++ firewalls.chapter.sgml	2005-02-11 10:35:31.000000000 +0800
@@ -822,12 +822,11 @@
 
        <para>Symbolic fields do not have the $ prefix.</para>
 
-       <para>The value to populate the Symbolic field must be enclosed
-         with "double quotes".</para>
+       <para>The value to populate the symbolic field must be enclosed
+         with double quotes (<literal>"</literal>).</para>
 
        <para>Start your rule file with something like this:</para>
 
-
 <programlisting>############# Start of IPF rules script ########################
 
 oif="dc0"            # name of the outbound interface
@@ -836,7 +835,7 @@
 ks="keep state"
 fks="flags S keep state"
 
-# You can chose between building /etc/ipf.rules file
+# You can choose between building /etc/ipf.rules file
 # from this script or running this script "as is".
 #
 # Uncomment only one line and comment out another.
@@ -860,25 +859,24 @@
 ################## End of IPF rules script ########################</programlisting>
 
        <para>That is all there is to it. The rules are not important in
-         this example; how the Symbolic substitution field are populated
+         this example; how the symbolic substitution fields are populated
          and used are. If the above example was in a file named <filename>/etc/ipf.rules.script</filename>,
-         you could reload these rules by entering this on the command
-         line:</para>
+         you could reload these rules by entering the following command:</para>
 
-       <programlisting><command>sh /etc/ipf.rules.script</command>
-         </programlisting>
+       <screen>&prompt.root; <userinput>sh /etc/ipf.rules.script</command>
+         </screen>
 
        <para>There is one problem with using a rules file with embedded
-	 symbolics.  IPF do not understand symbolic substitution, and
-	 can not read such scripts directly.</para>
+	 symbolics: IPF does not understand symbolic substitution, and
+	 cannot read such scripts directly.</para>
 
       <para>This script can be used in one of two ways:</para>
 
       <itemizedlist>
         <listitem>
-	  <para>Uncomment line that begins from <command>cat</command>
-	    and comment out line that begins from
-	    <filename>/sbin/ipf</filename>.  Place
+	  <para>Uncomment the line that begins with <literal>cat</literal>,
+	    and comment out the line that begins with
+	    <literal>/sbin/ipf</literal>.  Place
 	    <literal>ipfilter_enable="YES"</literal> into
 	    <filename>/etc/rc.conf</filename> as usual, and run
 	    script once after each modification to create or update
@@ -903,11 +901,12 @@
 	  <para>The permissions on this script file must be read, write,
 	    execute for owner <username>root</username>.</para>
 
-	  <programlisting><command>chmod 700 /usr/local/etc/rc.d/ipf.loadrules.sh</command></programlisting>
+	  <screen>&prompt.root; <userinput>chown root /usr/local/etc/rc.d/ipf.loadrules.sh</userinput>
+&prompt.root; <userinput>chmod 700 /usr/local/etc/rc.d/ipf.loadrules.sh</userinput></screen>
 	</listitem>
       </itemizedlist>
 
-	<para>Now, when your system boots your IPF rules will be
+	<para>Now, when your system boots, your IPF rules will be
 	  loaded.</para>
      </sect2>
 

>Release-Note:
>Audit-Trail:
>Unformatted:

