From owner-freebsd-doc@FreeBSD.ORG Sat Feb 26 16:00:33 2005 Return-Path: Delivered-To: freebsd-doc@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0C1DB16A4CE for ; Sat, 26 Feb 2005 16:00:33 +0000 (GMT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id B052643D60 for ; Sat, 26 Feb 2005 16:00:32 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.1/8.13.1) with ESMTP id j1QG0WI1046700 for ; Sat, 26 Feb 2005 16:00:32 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.1/8.13.1/Submit) id j1QG0WkY046697; Sat, 26 Feb 2005 16:00:32 GMT (envelope-from gnats) Resent-Date: Sat, 26 Feb 2005 16:00:32 GMT Resent-Message-Id: <200502261600.j1QG0WkY046697@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-doc@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Brad Davis Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EC32D16A4CE for ; Sat, 26 Feb 2005 15:56:56 +0000 (GMT) Received: from ender.liquidneon.com (ender.liquidneon.com [64.78.150.163]) by mx1.FreeBSD.org (Postfix) with ESMTP id 47E4543D39 for ; Sat, 26 Feb 2005 15:56:56 +0000 (GMT) (envelope-from bdavis@house.so14k.com) Received: from localhost (localhost [127.0.0.1]) by ender.liquidneon.com (Postfix) with ESMTP id 924BF4355 for ; Sat, 26 Feb 2005 08:56:55 -0700 (MST) Received: from ender.liquidneon.com ([127.0.0.1]) by localhost (ender.liquidneon.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 09504-10 for ; Sat, 26 Feb 2005 08:56:55 -0700 (MST) Received: from mccaffrey.house.so14k.com (gw.house.so14k.com [216.87.87.128]) by ender.liquidneon.com (Postfix) with ESMTP id 0BD9D412C for ; Sat, 26 Feb 2005 08:56:55 -0700 (MST) Received: by mccaffrey.house.so14k.com (Postfix, from userid 1001) id 3606BBD1F; Sat, 26 Feb 2005 08:56:50 -0700 (MST) Message-Id: <20050226155650.3606BBD1F@mccaffrey.house.so14k.com> Date: Sat, 26 Feb 2005 08:56:50 -0700 (MST) From: Brad Davis To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Subject: docs/78120: Lan -> LAN X-BeenThere: freebsd-doc@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Brad Davis List-Id: Documentation project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Feb 2005 16:00:33 -0000 >Number: 78120 >Category: docs >Synopsis: Lan -> LAN >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-doc >State: open >Quarter: >Keywords: >Date-Required: >Class: doc-bug >Submitter-Id: current-users >Arrival-Date: Sat Feb 26 16:00:32 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Brad Davis >Release: FreeBSD 5.4-PRERELEASE i386 >Organization: >Environment: System: FreeBSD mccaffrey.house.so14k.com 5.4-PRERELEASE FreeBSD 5.4-PRERELEASE #0: Thu Feb 24 17:03:44 MST 2005 root@mccaffrey.house.so14k.com:/usr/obj/usr/src/sys/SMP i386 >Description: Lan -> LAN in the firewall section. >How-To-Repeat: >Fix: --- doc-ori/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml Fri Feb 25 13:31:41 2005 +++ doc2/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml Sat Feb 26 08:52:48 2005 @@ -355,7 +355,7 @@ packets for the computers in the LAN or want to do NAT, you have to enable the following option as well: - gateway_enable="YES" # Enable as Lan gateway + gateway_enable="YES" # Enable as LAN gateway @@ -511,7 +511,7 @@ reserved private IP address ranges, then you need to add the following to enable NAT functionality: - gateway_enable="YES" # Enable as Lan gateway + gateway_enable="YES" # Enable as LAN gateway ipnat_enable="YES" # Start ipnat function ipnat_rules="/etc/ipnat.rules" # rules definition file for ipnat @@ -1718,7 +1718,7 @@ wins. NAT tests each of its rules against the packets interface name and source IP address. When a packets interface name matches a NAT rule - then the [source IP address, i.e. private Lan IP address] of + then the [source IP address, i.e. private LAN IP address] of the packet is checked to see if it falls within the IP address range specified to the left of the arrow symbol on the NAT rule. On a match the packet has its @@ -2876,7 +2876,7 @@ of the location of rule numbers 100 101, 450, 500, and 510. These rules control the translation of the outbound and inbound packets so their entries in the keep-state dynamic - table always register the private Lan IP address. Next + table always register the private LAN IP address. Next notice that all the allow and deny rules specified the direction the packet is going (IE outbound or inbound) and the interface. Also notice that all the start outbound @@ -2891,7 +2891,7 @@ dynamic table yet. The packet finally comes to rule 125 a matches. It is outbound through the NIC facing the public Internet. The packet still has it's source IP address as a - private Lan IP address. On the match to this rule, two + private LAN IP address. On the match to this rule, two actions take place. The keep-state option will post this rule into the keep-state dynamic rules table and the specified action is executed. The action is part of the info posted to @@ -2900,7 +2900,7 @@ this, this is very important. This packet makes its way to the destination and returns and enters the top of the rule set. This time it does match rule 100 and has it destination - IP address mapped back to its corresponding Lan IP address. + IP address mapped back to its corresponding LAN IP address. It then is processed by the check-state rule, it's found in the table as an existing session conversation and released to the LAN. It goes to the LAN PC that sent it and a new >Release-Note: >Audit-Trail: >Unformatted: