Date: Fri, 08 Mar 2002 23:40:08 -0500 From: Tom Rhodes <darklogik@pittgoth.com> To: Dima Dorfman <dima@trit.org> Cc: freebsd-doc@FreeBSD.ORG, "Gary W. Swearingen" <swear@blarg.net> Subject: Re: docs/35686: blackhole(4) page seems to contradict itself in WARNING Message-ID: <3C899228.90806@pittgoth.com> References: <200203090210.g292A2C52131@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Dima Dorfman wrote: >The following reply was made to PR docs/35686; it has been noted by GNATS. > >From: Dima Dorfman <dima@trit.org> >To: swear@blarg.net >Cc: FreeBSD-gnats-submit@freebsd.org >Subject: Re: docs/35686: blackhole(4) page seems to contradict itself in WARNING >Date: Sat, 09 Mar 2002 02:01:46 +0000 > > "Gary W. Swearingen" <swear@blarg.net> wrote: > > > > >Number: 35686 > > >Category: docs > > >Synopsis: blackhole(4) page seems to contradict itself in WARNING > > >Description: > > > > The "warnings" section of the blackhole(4) man page has these two > > statements: > > > > In order to create a highly secure system, ipfw(8) should be used > > for protection, not the blackhole feature. > > > > This mechanism is not a substitute for securing a system. It should > > be used together with other security mechanisms. > > To me, this sounds more redundant than contradicting (they both say > that blackhole isn't sufficient for a "secure system"), but I can > understand how someone might interpret it that way. Do you have any > suggestions for a better wording? Perhaps just removing the first > paragraph would suffice--that seems more like a plug for ipfw(8) than > a bug in blackhole(4), anyway. > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-doc" in the body of the message > > Review my last comment on this matter... these 2 paragraphs make me question if it can be used with ipfw(8) and other security ``mechanisms'' If anything, I feel the page isn't giveing enough information. I mean, can you ONLY use blackhole(4) or can you use it with ipfw(8)... If you must use them seperate, then why does blackhole(4) even exist... Sorry if i'm being "newbie" like, but I am asking myself these same questions To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-doc" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3C899228.90806>