Date: Fri, 8 Mar 2002 22:30:03 -0800 (PST) From: swear@blarg.net (Gary W. Swearingen) To: freebsd-doc@freebsd.org Subject: Re: docs/35686: blackhole(4) page seems to contradict itself in WARNING Message-ID: <200203090630.g296U3C43476@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR docs/35686; it has been noted by GNATS. From: swear@blarg.net (Gary W. Swearingen) To: Dima Dorfman <dima@trit.org> Cc: FreeBSD-gnats-submit@freebsd.org Subject: Re: docs/35686: blackhole(4) page seems to contradict itself in WARNING Date: 08 Mar 2002 22:24:51 -0800 Dima Dorfman <dima@trit.org> writes: > "Gary W. Swearingen" <swear@blarg.net> wrote: > > In order to create a highly secure system, ipfw(8) should be used > > for protection, not the blackhole feature. > > > > This mechanism is not a substitute for securing a system. It should > > be used together with other security mechanisms. > ... > Do you have any > suggestions for a better wording? No, since I don't know what it SHOULD be trying to say. This is my best guess at what the above implies, but I doubt if it is what it SHOULD imply: In order to create a highly secure system, ipfw(8) should be used for protection, not the blackhole feature. For a less-than-highly secure system, use the blackhole feature with security mechanisms other than ipfw(8). For an unsecure system use only the blackhole feature (or nothing). To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-doc" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200203090630.g296U3C43476>