docs/92113: [PATCH] a little addition to the firewalls-pf section of the handbook
Daniel Gerzo
danger at rulez.sk
Sun Jan 22 18:43:58 UTC 2006
On Sun, Jan 22, 2006 at 05:00:05PM +0000, Brad Davis wrote:
> Synopsis: [PATCH] a little addition to the firewalls-pf section of the handbook
>
> Responsible-Changed-From-To: freebsd-doc->brd
> Responsible-Changed-By: brd
> Responsible-Changed-When: Sun Jan 22 16:59:24 UTC 2006
> Responsible-Changed-Why:
> grab..
>
> http://www.freebsd.org/cgi/query-pr.cgi?pr=92113
please use attached diff, there was a typo in "it's" -> should be just
"its" and as I was told, the pf port is long time gone, so remove it
from the warning message. These things were found by simon, thanks :)
--
Sincerely,
Daniel Gerzo
-------------- next part --------------
--- /usr/home/danger/doc/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml.orig Thu Jan 5 20:03:37 2006
+++ /usr/home/danger/doc/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml Sun Jan 22 18:42:55 2006
@@ -1,7 +1,7 @@
<!--
The FreeBSD Documentation Project
- $FreeBSD: /repoman/r/dcvs/doc/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml,v 1.63 2006/01/05 20:03:37 delphij Exp $
+ $FreeBSD: doc/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml,v 1.63 2006/01/05 20:03:37 delphij Exp $
-->
<chapter id="firewalls">
@@ -256,16 +256,6 @@
<para>More info can be found at the PF for &os; web site: <ulink
url="http://pf4freebsd.love2party.net/"></ulink>.</para>
- <para>The OpenBSD PF user's guide is here: <ulink
- url="http://www.openbsd.org/faq/pf/"></ulink>.</para>
-
- <warning>
- <para>PF in &os; 5.X is at the level of OpenBSD version 3.5. The
- port from the &os; Ports Collection is at the level of OpenBSD
- version 3.4. Keep that in mind when browsing the user's
- guide.</para>
- </warning>
-
<sect2>
<title>Enabling PF</title>
@@ -283,6 +273,21 @@
was defined during the build, it also requires <literal>options
INET6</literal>.</para>
</note>
+
+ <para>Once the kernel module is loaded or the kernel is statically
+ built with PF support, it is possible to enable or disable
+ <application>pf</application> with <command>pfctl</command>
+ command.</para>
+
+ <para>This example demonstrates how to enable the
+ <application>pf</application>:</para>
+
+ <screen>&prompt.root; <userinput>pfctl -e</userinput></screen>
+
+ <para>The <command>pfctl</command> command provides a way to work
+ with the <application>pf</application> firewall. It is a good
+ idea to check the &man.pfctl.8; manual page to find out more
+ information about using it.</para>
</sect2>
<sect2>
@@ -413,6 +418,35 @@
<acronym>SMP</acronym> support for <acronym>ALTQ</acronym>.
This option is required on <acronym>SMP</acronym>
systems.</para>
+ </sect2>
+
+ <sect2>
+ <title>Creating Filtering Rules</title>
+
+ <para>The Packet Filter reads its configuration rules from the
+ &man.pf.conf.5; file and it modifies, drops or passes packets
+ according to the rules or definitions specified there. The &os;
+ installation comes with a default
+ <filename>/etc/pf.conf</filename> which contains useful examples
+ and explanations.</para>
+
+ <para>Although &os; has its own <filename>/etc/pf.conf</filename>
+ the syntax is the same as one used in OpenBSD. A great
+ resource for configuring the <application>pf</application>
+ firewall has been written by OpenBSD team and is available at
+ <ulink url="http://www.openbsd.org/faq/pf/"></ulink>.</para>
+
+ <warning>
+ <para>The <application>pf</application> firewall in &os; 5.X is
+ at the level of OpenBSD version 3.5 and in &os; 6.X is at the
+ level of OpenBSD version 3.7. Please, keep that in mind when
+ browsing the <application>pf</application> user's guide.</para>
+ </warning>
+
+ <para>The &a.pf; is a good place to ask questions about
+ configuring and running the <application>pf</application>
+ firewall. Do not forget to check the mailing list archives
+ before asking questions.</para>
</sect2>
</sect1>
More information about the freebsd-doc
mailing list