Date: Sat, 26 Feb 2005 08:56:50 -0700 (MST) From: Brad Davis <so14k@so14k.com> To: FreeBSD-gnats-submit@FreeBSD.org Subject: docs/78120: Lan -> LAN Message-ID: <20050226155650.3606BBD1F@mccaffrey.house.so14k.com> Resent-Message-ID: <200502261600.j1QG0WkY046697@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 78120 >Category: docs >Synopsis: Lan -> LAN >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-doc >State: open >Quarter: >Keywords: >Date-Required: >Class: doc-bug >Submitter-Id: current-users >Arrival-Date: Sat Feb 26 16:00:32 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Brad Davis >Release: FreeBSD 5.4-PRERELEASE i386 >Organization: >Environment: System: FreeBSD mccaffrey.house.so14k.com 5.4-PRERELEASE FreeBSD 5.4-PRERELEASE #0: Thu Feb 24 17:03:44 MST 2005 root@mccaffrey.house.so14k.com:/usr/obj/usr/src/sys/SMP i386 >Description: Lan -> LAN in the firewall section. >How-To-Repeat: >Fix: --- doc-ori/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml Fri Feb 25 13:31:41 2005 +++ doc2/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml Sat Feb 26 08:52:48 2005 @@ -355,7 +355,7 @@ packets for the computers in the LAN or want to do NAT, you have to enable the following option as well:</para> - <programlisting>gateway_enable="YES" # Enable as Lan gateway</programlisting> + <programlisting>gateway_enable="YES" # Enable as LAN gateway</programlisting> </sect2> </sect1> @@ -511,7 +511,7 @@ reserved private IP address ranges, then you need to add the following to enable <acronym>NAT</acronym> functionality:</para> - <programlisting>gateway_enable="YES" # Enable as Lan gateway + <programlisting>gateway_enable="YES" # Enable as LAN gateway ipnat_enable="YES" # Start ipnat function ipnat_rules="/etc/ipnat.rules" # rules definition file for ipnat</programlisting> @@ -1718,7 +1718,7 @@ wins. <acronym>NAT</acronym> tests each of its rules against the packets interface name and source IP address. When a packets interface name matches a <acronym>NAT</acronym> rule - then the [source IP address, i.e. private Lan IP address] of + then the [source IP address, i.e. private LAN IP address] of the packet is checked to see if it falls within the IP address range specified to the left of the arrow symbol on the <acronym>NAT</acronym> rule. On a match the packet has its @@ -2876,7 +2876,7 @@ of the location of rule numbers 100 101, 450, 500, and 510. These rules control the translation of the outbound and inbound packets so their entries in the keep-state dynamic - table always register the private Lan IP address. Next + table always register the private LAN IP address. Next notice that all the allow and deny rules specified the direction the packet is going (IE outbound or inbound) and the interface. Also notice that all the start outbound @@ -2891,7 +2891,7 @@ dynamic table yet. The packet finally comes to rule 125 a matches. It is outbound through the NIC facing the public Internet. The packet still has it's source IP address as a - private Lan IP address. On the match to this rule, two + private LAN IP address. On the match to this rule, two actions take place. The keep-state option will post this rule into the keep-state dynamic rules table and the specified action is executed. The action is part of the info posted to @@ -2900,7 +2900,7 @@ this, this is very important. This packet makes its way to the destination and returns and enters the top of the rule set. This time it does match rule 100 and has it destination - IP address mapped back to its corresponding Lan IP address. + IP address mapped back to its corresponding LAN IP address. It then is processed by the check-state rule, it's found in the table as an existing session conversation and released to the LAN. It goes to the LAN PC that sent it and a new >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050226155650.3606BBD1F>