Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 18 Mar 2021 17:40:14 GMT
From:      Daniel Ebdrup Jensen <debdrup@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject:   git: c39dda81923a - main - rc.conf(5): Document the 'workstation' firewall_type
Message-ID:  <202103181740.12IHeE44069846@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch main has been updated by debdrup (doc committer):

URL: https://cgit.FreeBSD.org/src/commit/?id=c39dda81923a26116241fbe996351133c86ad97a

commit c39dda81923a26116241fbe996351133c86ad97a
Author:     Tobias Rehbein <tobias.rehbein@web.de>
AuthorDate: 2021-03-18 17:01:09 +0000
Commit:     Daniel Ebdrup Jensen <debdrup@FreeBSD.org>
CommitDate: 2021-03-18 17:39:24 +0000

    rc.conf(5): Document the 'workstation' firewall_type
    
    Document the workstation ACL ruleset, which uses stateful rules.
    
    While here, add a note about where some of the undocumented variables
    can be found. This is not a perfect solution for bug 127359, but it at
    at least gives a place to go look, and can be used as a reference for
    when bug 127359 gets fixed properly.
    
    PR:             254358, 127359
---
 share/man/man5/rc.conf.5 | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/share/man/man5/rc.conf.5 b/share/man/man5/rc.conf.5
index fef0f167d1a5..ddf4ea120df5 100644
--- a/share/man/man5/rc.conf.5
+++ b/share/man/man5/rc.conf.5
@@ -539,7 +539,7 @@ Valid selections from
 .Pa /etc/rc.firewall
 are:
 .Pp
-.Bl -tag -width ".Li simple" -compact
+.Bl -tag -width ".Li workstation" -compact
 .It Li open
 unrestricted IP access
 .It Li closed
@@ -547,12 +547,18 @@ all IP services disabled, except via
 .Dq Li lo0
 .It Li client
 basic protection for a workstation
+.It Li workstation
+basic protection for a workstation using stateful firewalling
 .It Li simple
 basic protection for a LAN.
 .El
 .Pp
 If a filename is specified, the full path
 must be given.
+.Pp
+Most of the predefined rulesets define additional configuration variables.
+These are documented in
+.Pa /etc/rc.firewall .
 .It Va firewall_quiet
 .Pq Vt bool
 Set to

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202103181740.12IHeE44069846>