docs/66442: [PATCH] proposed dialup-firewall article wording change

Giorgos Keramidas keramida at
Tue May 11 01:08:29 UTC 2004

On 2004-05-10 06:01, Warren Block <wblock at> wrote:
> On Mon, 10 May 2004, Giorgos Keramidas wrote:
> > Both paragraphs listed in the diff below start with "First".  Surely
> > one of them must be "second" :-)
> > [snip]
> >      <para>First, let's start with the basics of closed firewalling.
> >        Closed firewalling is based on the idea that everything is denied
> >        by default.  The system administrator may then explicitly add
> >        rules for traffic that he or she would like to allow.  Rules
> >        should be in the order of allow first, and then deny.  The premise
> >        is that you add the rules for everything you would like to allow,
> >        and then everything else is automatically denied.</para>
> Eliminate the first sentence entirely.  Actually:
>         A closed firewall has everything denied by default.  The system
>         administrator may then add rules to allow desired traffic.
>         Rules that allow traffic are listed first, and then everything
>         else is denied.
>         Let's create the directory where we will store our
>         firewall rules.  For this example, we'll use <filename
>         class="directory">/etc/firewall</filename>. Change into the
>         directory and edit the file <filename>fwrules</filename> as
>         specified in <filename>rc.conf</filename>.  (This filename
>         can be anything you wish, as long as it matches the name given
>         in <filename>rc.conf</filename>.)

Oh, nice!

I see that Josef has already committed the previous version, but...  If
someone wants to recommit, changing the text to match Warren's wording,
feel free to make the change.  I'm not particularly fanatic about this
or that option and I do like this better :)


More information about the freebsd-doc mailing list