Page MenuHomeFreeBSD
Differential D20568

Add a section to blacklistd to the PF chapter of the handbook
ClosedPublic
Actions

Authored by bcr on Jun 9 2019, 12:44 PM.
Tags
None
Referenced Files
Unknown Object (File)
Thu, Jan 8, 2:52 PM
Unknown Object (File)
Thu, Jan 8, 12:24 PM
Unknown Object (File)
Thu, Jan 8, 7:01 AM
Unknown Object (File)
Thu, Jan 8, 4:28 AM
Unknown Object (File)
Mon, Jan 5, 8:12 PM
Unknown Object (File)
Tue, Dec 23, 2:40 AM
Unknown Object (File)
Sat, Dec 20, 8:14 AM
Unknown Object (File)
Sat, Dec 20, 7:33 AM
View All Files
Subscribers
None

Details

Reviewers
wblock
kp
deb_freebsdfoundation.org
Group Reviewers
Doc Committers
Commits
rD53425: Add a new chapter about blacklistd to the firewalls chapter.
Summary

This patch adds a description on how to use blacklistd together with PF to the handbook.
The rendered output can be found starting at section 30.3.2.5.

I'm not really sure about the proper placement of this. It could go at the end of the chapter, it's own chapter or where it is now. Where it is currently, having too many sub-sub-subsections does not look good to me.

Test Plan
  1. Apply the patch in the local doc directory
  2. Build the handbook afterwards
  3. Check the output of firewalls-pf.html

Diff Detail

Repository
rD FreeBSD doc repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

bcr created this revision.Jun 9 2019, 12:44 PM
Harbormaster completed remote builds in B24781: Diff 58434.Jun 9 2019, 12:44 PM
kp added inline comments.Jun 15 2019, 2:38 PM
en_US.ISO8859-1/books/handbook/firewalls/chapter.xml
1052 ↗(On Diff #58434)

"a network that should not be accessed"
I'm not sure what you mean here.

1096 ↗(On Diff #58434)

Rules either belong to...

1097 ↗(On Diff #58434)

which applies to?

1136 ↗(On Diff #58434)

SSH primarily uses TCP?

(And not just primarily. I don't think you can do SSH over UDP.)

bcr updated this revision to Diff 58702.Jun 16 2019, 2:26 PM

Update diff to address Kristof's comments.

kp added a comment.Jun 16 2019, 2:35 PM

Given that it's possible to use blacklistd with ipfw as well (at least, I believe it is), it should probably get its own chapter, with pf and ipfw subchapters.

bcr updated this revision to Diff 61691.Sep 5 2019, 2:26 PM

Sorry to keep you waiting for an update for so long.
I've refactored the blacklistd section into it's own chapter at the end of the firewalls chapter. There are no links from the PF chapter (or any other) to it yet.

kp added a comment.Sep 8 2019, 2:54 AM

Other than the typo this looks good to me.

en_US.ISO8859-1/books/handbook/firewalls/chapter.xml
4108 ↗(On Diff #61691)

Expire?

bcr updated this revision to Diff 61906.Sep 10 2019, 7:12 PM

Good catch with the "expore", which should indeed be "expire". For some reason, igor did not catch that.
I think we can risk committing it to the handbook now and fix other things in a followup commit.

This revision was not accepted when it landed; it landed in state Needs Review.Sep 20 2019, 12:50 PM
Closed by commit rD53425: Add a new chapter about blacklistd to the firewalls chapter. (authored by bcr). · Explain Why
This revision was automatically updated to reflect the committed changes.
bcr added a commit: rD53425: Add a new chapter about blacklistd to the firewalls chapter..

Revision Contents
Changeset List

PathSize
head/
en_US.ISO8859-1/
books/
handbook/
firewalls/
323 lines

Diff 62345

View Options

head/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml

Loading...