svn commit: r54389 - head/en_US.ISO8859-1/books/handbook/firewalls

Gordon Bergling gbe at FreeBSD.org
Sat Aug 1 10:48:29 UTC 2020 

Author: gbe
Date: Sat Aug  1 10:48:28 2020
New Revision: 54389
URL: https://svnweb.freebsd.org/changeset/doc/54389

Log:
  Handbook/Firewalls: correct the network devices in the NAT example
  
  PR:		232042
  Submitted by:	Samy Mahmoudi <samy dot mahmoudi at gmail dot com>
  Reviewed by:	bcr
  Approved by:	bcr
  Differential Revision:	https://reviews.freebsd.org/D25652

Modified:
  head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml

Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml
==============================================================================
--- head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml	Sat Aug  1 10:16:40 2020	(r54388)
+++ head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml	Sat Aug  1 10:48:28 2020	(r54389)
@@ -630,8 +630,8 @@ pass proto udp to any port $udp_services keep state</p
 	  running <application>PF</application> to act as a gateway
 	  for at least one other machine.  The gateway needs at least
 	  two network interfaces, each connected to a separate
-	  network.  In this example, <filename>xl1</filename> is
-	  connected to the Internet and <filename>xl0</filename> is
+	  network.  In this example, <filename>xl0</filename> is
+	  connected to the Internet and <filename>xl1</filename> is
 	  connected to the internal network.</para>
 
 	<para>First, enable the gateway to let the machine
@@ -657,9 +657,9 @@ pass proto udp to any port $udp_services keep state</p
 
 	<para>Next, create the <application>PF</application> rules to
 	  allow the gateway to pass traffic.  While the following rule
-	  allows stateful traffic to pass from the Internet  to hosts
-	  on the network, the <literal>to</literal> keyword does not
-	  guarantee passage all the way from source to
+	  allows stateful traffic from hosts of the internal network
+	  to pass to the gateway, the <literal>to</literal> keyword
+	  does not guarantee passage all the way from source to
 	  destination:</para>
 
 	<programlisting>pass in on xl1 from xl1:network to xl0:network port $ports keep state</programlisting>

More information about the svn-doc-head mailing list