diff options
author | Danilo G. Baio <dbaio@FreeBSD.org> | 2019-01-28 12:37:45 +0000 |
---|---|---|
committer | Danilo G. Baio <dbaio@FreeBSD.org> | 2019-01-28 12:37:45 +0000 |
commit | 01023d99b7a6098feb3363ff1cffdeaa8f9c44fc (patch) | |
tree | 23b64a11a926691d4a31d444eb322467e2610526 | |
parent | eddf97db17267d28d1687c3e585cd46e2c8592cd (diff) | |
download | doc-01023d99b7a6098feb3363ff1cffdeaa8f9c44fc.tar.gz doc-01023d99b7a6098feb3363ff1cffdeaa8f9c44fc.zip |
handbook: Improve Firewalls chapter
- Fix some dead links and punctuations
- pfctl_parser.c was moved to a new location since FreeBSD 10
- Fix a few service commands
Issues found when translating this chapter to pt_BR.
Reviewed by: bcr
Approved by: doc (bcr)
Differential Revision: https://reviews.freebsd.org/D18981
Notes
Notes:
svn path=/head/; revision=52785
-rw-r--r-- | en_US.ISO8859-1/books/handbook/firewalls/chapter.xml | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml b/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml index abb0da5dfe..47ec23678e 100644 --- a/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml +++ b/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml @@ -173,8 +173,8 @@ and do a port number lookup to find the purpose of a particular port number.</para> - <para>Check out this link for port numbers used by Trojans <uri - xlink:href="http://www.sans.org/security-resources/idfaq/oddports.php">http://www.sans.org/security-resources/idfaq/oddports.php</uri>.</para> + <para>Check out this link for <uri + xlink:href="http://web.archive.org/web/20150803024617/http://www.sans.org/security-resources/idfaq/oddports.php">port numbers used by Trojans</uri>.</para> <para>FTP has two modes: active mode and passive mode. The difference is in how the data channel is acquired. Passive @@ -606,8 +606,8 @@ options ALTQ_PRIQ # Priority Queuing (PRIQ)</programlisting> </variablelist> <para>More information about the scheduling - algorithms and example rulesets are available at <uri - xlink:href="http://www.openbsd.org/faq/pf/queueing.html">http://www.openbsd.org/faq/pf/queueing.html</uri>.</para> + algorithms and example rulesets are available at the <uri + xlink:href="https://web.archive.org/web/20151109213426/http://www.openbsd.org/faq/pf/queueing.html">OpenBSD's web archive</uri>.</para> </sect2> <sect2 xml:id="pf-tutorial"> @@ -831,7 +831,7 @@ pass from { lo0, $localnet } to any keep state</programlisting> flags S/SA keep state</programlisting> <para>A few other pass rules may be needed. This one enables - <acronym>SSH</acronym> on the external interface::</para> + <acronym>SSH</acronym> on the external interface:</para> <programlisting>pass in inet proto tcp to $ext_if port ssh</programlisting> @@ -1009,7 +1009,7 @@ pass inet proto icmp from any to $ext_if keep state</programlisting> <para>If other types of <acronym>ICMP</acronym> packets are needed, expand <literal>icmp_types</literal> to a list of those packet types. Type <command>more - /usr/src/contrib/pf/pfctl/pfctl_parser.c</command> to see + /usr/src/sbin/pfctl/pfctl_parser.c</command> to see the list of <acronym>ICMP</acronym> message types supported by <application>PF</application>. Refer to <link xlink:href="http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml">http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml</link> @@ -1417,7 +1417,7 @@ rdr pass on $ext_if inet proto tcp from !<spamd-white> to \ <para>When finished, reload the ruleset, start <application>spamd</application> by typing - <command>service start obspamd</command>, and complete + <command>service obspamd start</command>, and complete the configuration using <command>spamd-setup</command>. Finally, create a &man.cron.8; job which calls <command>spamd-setup</command> to update the tables at @@ -1472,8 +1472,8 @@ rdr pass on $ext_if inet proto tcp from !<spamd-white> to \ <step> <para>To complete the greylisting setup:</para> - <programlisting>&prompt.root; <userinput>service restart obspamd</userinput> -&prompt.root; <userinput>service start spamlogd</userinput></programlisting> + <programlisting>&prompt.root; <userinput>service obspamd restart</userinput> +&prompt.root; <userinput>service obspamlogd start</userinput></programlisting> </step> </procedure> @@ -2164,7 +2164,7 @@ pif="dc0" # interface name of NIC attached to Internet</programlisting> <acronym>LAN</acronym> should be assigned an <acronym>IP</acronym> address in the private network space, as defined by <link - xlink:href="ftp://ftp.isi.edu/in-notes/rfc1918.txt">RFC + xlink:href="https://www.ietf.org/rfc/rfc1918.txt">RFC 1918</link>, and have the default gateway set to the &man.natd.8; system's internal <acronym>IP</acronym> address.</para> @@ -2365,7 +2365,7 @@ good_tcpo="22,25,37,53,80,443,110"</programlisting> configuration file.</para> <para>For further configuration options, consult - &man.natd.8;</para> + &man.natd.8;.</para> </sect3> <sect3> |