[PATCH] handbook/firewalls: rewrite warning

Peter Pentchev roam at ringlet.net
Wed Feb 16 15:47:06 UTC 2005 

On Wed, Feb 16, 2005 at 06:09:05PM +0300, Denis Peplin wrote:
> Hello!
> 
> Some parts of handbook's firewall chapter still
> can mislead some users.
> 
> Patch (attached) mostly obtained from security
> chapter, rev. 1.229
> 
> I will apply this small patch to current firewalls
> sections after 2 days, if no objections.
> 
> Thanks!

> Index: firewalls/chapter.sgml
> ===================================================================
> RCS file: /home/dcvs/doc/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml,v
> retrieving revision 1.34
> diff -u -r1.34 chapter.sgml
> --- firewalls/chapter.sgml	15 Feb 2005 15:09:42 -0000	1.34
> +++ firewalls/chapter.sgml	16 Feb 2005 14:59:10 -0000
> @@ -950,13 +950,12 @@
>           sets and is the only rule set type covered herein.</para>
>  
>         <warning>
> -         <para>When working with the firewall rules, always,
> -           always do it on the console of the system running the
> -           firewall or you can end up locking your self out.
> -	   Alternatively, you may setup a cronjob to flush the
> -	   firewall rules say every five minutes.
> -	   This may not be acceptable for a corporate firewall,
> -	   but should be ok for a home firewall.</para>
> +         <para>When working with the firewall rules, be
> +	   <emphasis>very careful</emphasis>.  Some configurations
> +	   <emphasis>will lock yourself out</emphasis> of the server.

Errr.. shouldn't that be 'will lock *you* out'? :)

Other than that, no objections here - and the original text did indeed
need some clarification :)

G'luck,
Peter

-- 
Peter Pentchev	roam at ringlet.net    roam at cnsys.bg    roam at FreeBSD.org
PGP key:	http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint	FDBA FD79 C26F 3C51 C95E  DF9E ED18 B68D 1619 4553
If this sentence were in Chinese, it would say something else.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-doc/attachments/20050216/4351e8ba/attachment.sig>

More information about the freebsd-doc mailing list