svn commit: r52785 - head/en_US.ISO8859-1/books/handbook/firewalls
Danilo G. Baio
dbaio at FreeBSD.org
Mon Jan 28 12:37:46 UTC 2019
Author: dbaio (ports committer)
Date: Mon Jan 28 12:37:45 2019
New Revision: 52785
URL: https://svnweb.freebsd.org/changeset/doc/52785
Log:
handbook: Improve Firewalls chapter
- Fix some dead links and punctuations
- pfctl_parser.c was moved to a new location since FreeBSD 10
- Fix a few service commands
Issues found when translating this chapter to pt_BR.
Reviewed by: bcr
Approved by: doc (bcr)
Differential Revision: https://reviews.freebsd.org/D18981
Modified:
head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml
Modified: head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml
==============================================================================
--- head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Sun Jan 27 01:50:51 2019 (r52784)
+++ head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml Mon Jan 28 12:37:45 2019 (r52785)
@@ -173,8 +173,8 @@
and do a port number lookup to find the purpose of a particular
port number.</para>
- <para>Check out this link for port numbers used by Trojans <uri
- xlink:href="http://www.sans.org/security-resources/idfaq/oddports.php">http://www.sans.org/security-resources/idfaq/oddports.php</uri>.</para>
+ <para>Check out this link for <uri
+ xlink:href="http://web.archive.org/web/20150803024617/http://www.sans.org/security-resources/idfaq/oddports.php">port numbers used by Trojans</uri>.</para>
<para>FTP has two modes: active mode and passive mode. The
difference is in how the data channel is acquired. Passive
@@ -606,8 +606,8 @@ options ALTQ_PRIQ # Priority Queuing (PR
</variablelist>
<para>More information about the scheduling
- algorithms and example rulesets are available at <uri
- xlink:href="http://www.openbsd.org/faq/pf/queueing.html">http://www.openbsd.org/faq/pf/queueing.html</uri>.</para>
+ algorithms and example rulesets are available at the <uri
+ xlink:href="https://web.archive.org/web/20151109213426/http://www.openbsd.org/faq/pf/queueing.html">OpenBSD's web archive</uri>.</para>
</sect2>
<sect2 xml:id="pf-tutorial">
@@ -831,7 +831,7 @@ pass from { lo0, $localnet } to any keep state</progra
flags S/SA keep state</programlisting>
<para>A few other pass rules may be needed. This one enables
- <acronym>SSH</acronym> on the external interface::</para>
+ <acronym>SSH</acronym> on the external interface:</para>
<programlisting>pass in inet proto tcp to $ext_if port ssh</programlisting>
@@ -1009,7 +1009,7 @@ pass inet proto icmp from any to $ext_if keep state</p
<para>If other types of <acronym>ICMP</acronym> packets are
needed, expand <literal>icmp_types</literal> to a list of
those packet types. Type <command>more
- /usr/src/contrib/pf/pfctl/pfctl_parser.c</command> to see
+ /usr/src/sbin/pfctl/pfctl_parser.c</command> to see
the list of <acronym>ICMP</acronym> message types supported
by <application>PF</application>. Refer to <link
xlink:href="http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml">http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml</link>
@@ -1417,7 +1417,7 @@ rdr pass on $ext_if inet proto tcp from !<spamd-whi
<para>When finished, reload the ruleset, start
<application>spamd</application> by typing
- <command>service start obspamd</command>, and complete
+ <command>service obspamd start</command>, and complete
the configuration using <command>spamd-setup</command>.
Finally, create a &man.cron.8; job which calls
<command>spamd-setup</command> to update the tables at
@@ -1472,8 +1472,8 @@ rdr pass on $ext_if inet proto tcp from !<spamd-whi
<step>
<para>To complete the greylisting setup:</para>
- <programlisting>&prompt.root; <userinput>service restart obspamd</userinput>
-&prompt.root; <userinput>service start spamlogd</userinput></programlisting>
+ <programlisting>&prompt.root; <userinput>service obspamd restart</userinput>
+&prompt.root; <userinput>service obspamlogd start</userinput></programlisting>
</step>
</procedure>
@@ -2164,7 +2164,7 @@ pif="dc0" # interface name of NIC attached to Inte
<acronym>LAN</acronym> should be assigned an
<acronym>IP</acronym> address in the private network space, as
defined by <link
- xlink:href="ftp://ftp.isi.edu/in-notes/rfc1918.txt">RFC
+ xlink:href="https://www.ietf.org/rfc/rfc1918.txt">RFC
1918</link>, and have the default gateway set to the
&man.natd.8; system's internal <acronym>IP</acronym>
address.</para>
@@ -2365,7 +2365,7 @@ good_tcpo="22,25,37,53,80,443,110"</programlisting>
configuration file.</para>
<para>For further configuration options, consult
- &man.natd.8;</para>
+ &man.natd.8;.</para>
</sect3>
<sect3>
More information about the svn-doc-all
mailing list