Units
Translation components API.
See the Weblate's Web API documentation for detailed description of the API.
GET /api/translations/documentation/bookshandbookfirewalls_index/fr/units/?format=api&page=4
{ "count": 711, "next": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/units/?format=api&page=5", "previous": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/units/?format=api&page=3", "results": [ { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "For ways to run an FTP server protected by PF and man:ftp-proxy[8], configure a separate `ftp-proxy` in reverse mode, using `-R`, on a separate port with its own redirecting pass rule." ], "previous_source": "", "target": [ "" ], "id_hash": -2868922918643726374, "content_hash": -2868922918643726374, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:567", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 151, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 31, "source_unit": "https://translate-dev.freebsd.org/api/units/358225/?format=api", "priority": 100, "id": 1738551, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=582f89ce424387da", "url": "https://translate-dev.freebsd.org/api/units/1738551/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.030460Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "Managing ICMP" ], "previous_source": "", "target": [ "" ], "id_hash": -8328268451715588370, "content_hash": -8328268451715588370, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:569", "context": "", "note": "type: Title ====", "flags": "no-wrap", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 152, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 2, "source_unit": "https://translate-dev.freebsd.org/api/units/358227/?format=api", "priority": 100, "id": 1738552, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=0c6c0bf7dd665eee", "url": "https://translate-dev.freebsd.org/api/units/1738552/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.031088Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "Many of the tools used for debugging or troubleshooting a TCP/IP network rely on the Internet Control Message Protocol (ICMP), which was designed specifically with debugging in mind." ], "previous_source": "", "target": [ "" ], "id_hash": -2313603903434190744, "content_hash": -2313603903434190744, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:572", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 153, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 28, "source_unit": "https://translate-dev.freebsd.org/api/units/358229/?format=api", "priority": 100, "id": 1738553, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=5fe46d8200d91068", "url": "https://translate-dev.freebsd.org/api/units/1738553/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.031680Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "The ICMP protocol sends and receives _control messages_ between hosts and gateways, mainly to provide feedback to a sender about any unusual or difficult conditions enroute to the target host. Routers use ICMP to negotiate packet sizes and other transmission parameters in a process often referred to as _path MTU discovery_." ], "previous_source": "", "target": [ "" ], "id_hash": -5172894900361312457, "content_hash": -5172894900361312457, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:575", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 154, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 51, "source_unit": "https://translate-dev.freebsd.org/api/units/1219770/?format=api", "priority": 100, "id": 1738554, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=38362f7ecb88c737", "url": "https://translate-dev.freebsd.org/api/units/1738554/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.032318Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "From a firewall perspective, some ICMP control messages are vulnerable to known attack vectors. Also, letting all diagnostic traffic pass unconditionally makes debugging easier, but it also makes it easier for others to extract information about the network. For these reasons, the following rule may not be optimal:" ], "previous_source": "", "target": [ "" ], "id_hash": -7807172472809790395, "content_hash": -7807172472809790395, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:579", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 155, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 48, "source_unit": "https://translate-dev.freebsd.org/api/units/1219772/?format=api", "priority": 100, "id": 1738555, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=13a75a0009f6e445", "url": "https://translate-dev.freebsd.org/api/units/1738555/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.032972Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "pass inet proto icmp from any to any\n" ], "previous_source": "", "target": [ "" ], "id_hash": 204544237022310691, "content_hash": 204544237022310691, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:583", "context": "", "note": "type: delimited block . 4", "flags": "no-wrap", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 156, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 8, "source_unit": "https://translate-dev.freebsd.org/api/units/358235/?format=api", "priority": 100, "id": 1738556, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=82d6afe65c917123", "url": "https://translate-dev.freebsd.org/api/units/1738556/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.033634Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "One solution is to let all ICMP traffic from the local network through while stopping all probes from outside the network:" ], "previous_source": "", "target": [ "" ], "id_hash": 2094542309737038325, "content_hash": 2094542309737038325, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:586", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 157, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 21, "source_unit": "https://translate-dev.freebsd.org/api/units/358237/?format=api", "priority": 100, "id": 1738557, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=9d114f2222e701f5", "url": "https://translate-dev.freebsd.org/api/units/1738557/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.034261Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "pass inet proto icmp from $localnet to any keep state\npass inet proto icmp from any to $ext_if keep state\n" ], "previous_source": "", "target": [ "" ], "id_hash": 2303599435983160676, "content_hash": 2303599435983160676, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:591", "context": "", "note": "type: delimited block . 4", "flags": "no-wrap", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 158, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 20, "source_unit": "https://translate-dev.freebsd.org/api/units/358239/?format=api", "priority": 100, "id": 1738558, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=9ff8077b66910564", "url": "https://translate-dev.freebsd.org/api/units/1738558/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.034917Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "Additional options are available which demonstrate some of PF's flexibility. For example, rather than allowing all ICMP messages, one can specify the messages used by man:ping[8] and man:traceroute[8]. Start by defining a macro for that type of message:" ], "previous_source": "", "target": [ "" ], "id_hash": 8911100949760063822, "content_hash": 8911100949760063822, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:596", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 159, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 38, "source_unit": "https://translate-dev.freebsd.org/api/units/1219774/?format=api", "priority": 100, "id": 1738559, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=fbaa9719cc18394e", "url": "https://translate-dev.freebsd.org/api/units/1738559/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.035530Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "icmp_types = \"echoreq\"\n" ], "previous_source": "", "target": [ "" ], "id_hash": 8129449877201844818, "content_hash": 8129449877201844818, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:600", "context": "", "note": "type: delimited block . 4", "flags": "no-wrap", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 160, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 3, "source_unit": "https://translate-dev.freebsd.org/api/units/358243/?format=api", "priority": 100, "id": 1738560, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=f0d19b9775f57a52", "url": "https://translate-dev.freebsd.org/api/units/1738560/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.036232Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "and a rule which uses the macro:" ], "previous_source": "", "target": [ "" ], "id_hash": -5349415585920626761, "content_hash": -5349415585920626761, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:603", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 161, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 7, "source_unit": "https://translate-dev.freebsd.org/api/units/358245/?format=api", "priority": 100, "id": 1738561, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=35c30eddf5434fb7", "url": "https://translate-dev.freebsd.org/api/units/1738561/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.036833Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "pass inet proto icmp all icmp-type $icmp_types keep state\n" ], "previous_source": "", "target": [ "" ], "id_hash": -8516904987792368028, "content_hash": -8516904987792368028, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:607, documentation/content/en/books/handbook/firewalls/_index.adoc:647", "context": "", "note": "type: delimited block . 4", "flags": "no-wrap", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 162, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 9, "source_unit": "https://translate-dev.freebsd.org/api/units/358247/?format=api", "priority": 100, "id": 1738562, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=09cde009c0e21e64", "url": "https://translate-dev.freebsd.org/api/units/1738562/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.037436Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "If other types of ICMP packets are needed, expand `icmp_types` to a list of those packet types. Type `more /usr/src/sbin/pfctl/pfctl_parser.c` to see the list of ICMP message types supported by PF. Refer to http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml[http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml] for an explanation of each message type." ], "previous_source": "", "target": [ "" ], "id_hash": 1219067954154198023, "content_hash": 1219067954154198023, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:612", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 163, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 41, "source_unit": "https://translate-dev.freebsd.org/api/units/1219776/?format=api", "priority": 100, "id": 1738563, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=90eaffd86c6c5407", "url": "https://translate-dev.freebsd.org/api/units/1738563/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.038049Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "Since Unix `traceroute` uses UDP by default, another rule is needed to allow Unix `traceroute`:" ], "previous_source": "", "target": [ "" ], "id_hash": 7632185509793641707, "content_hash": 7632185509793641707, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:614", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 164, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 15, "source_unit": "https://translate-dev.freebsd.org/api/units/358251/?format=api", "priority": 100, "id": 1738564, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=e9eaf848bb2234eb", "url": "https://translate-dev.freebsd.org/api/units/1738564/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.038748Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "# allow out the default range for traceroute(8):\npass out on $ext_if inet proto udp from any to any port 33433 >< 33626 keep state\n" ], "previous_source": "", "target": [ "" ], "id_hash": -4538724955585874067, "content_hash": -4538724955585874067, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:619", "context": "", "note": "type: delimited block . 4", "flags": "no-wrap", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 165, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 25, "source_unit": "https://translate-dev.freebsd.org/api/units/358253/?format=api", "priority": 100, "id": 1738565, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=410335b3391a776d", "url": "https://translate-dev.freebsd.org/api/units/1738565/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.039373Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "Since `TRACERT.EXE` on Microsoft Windows systems uses ICMP echo request messages, only the first rule is needed to allow network traces from those systems. Unix `traceroute` can be instructed to use other protocols as well, and will use ICMP echo request messages if `-I` is used. Check the man:traceroute[8] man page for details." ], "previous_source": "", "target": [ "" ], "id_hash": 3907310628327728435, "content_hash": 3907310628327728435, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:624", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 166, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 53, "source_unit": "https://translate-dev.freebsd.org/api/units/1219778/?format=api", "priority": 100, "id": 1738566, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=b6398e508c952533", "url": "https://translate-dev.freebsd.org/api/units/1738566/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.040003Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "Path MTU Discovery" ], "previous_source": "", "target": [ "" ], "id_hash": 1012670064939032602, "content_hash": 1012670064939032602, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:626", "context": "", "note": "type: Title =====", "flags": "no-wrap", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 167, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 3, "source_unit": "https://translate-dev.freebsd.org/api/units/358257/?format=api", "priority": 100, "id": 1738567, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=8e0dba0f075ce01a", "url": "https://translate-dev.freebsd.org/api/units/1738567/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.040671Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "Internet protocols are designed to be device independent, and one consequence of device independence is that the optimal packet size for a given connection cannot always be predicted reliably. The main constraint on packet size is the _Maximum Transmission Unit_ (MTU) which sets the upper limit on the packet size for an interface. Type `ifconfig` to view the MTUs for a system's network interfaces." ], "previous_source": "", "target": [ "" ], "id_hash": -118894394446659213, "content_hash": -118894394446659213, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:631", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 168, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 64, "source_unit": "https://translate-dev.freebsd.org/api/units/1219780/?format=api", "priority": 100, "id": 1738568, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=7e599a2d9d38c173", "url": "https://translate-dev.freebsd.org/api/units/1738568/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.041294Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "TCP/IP uses a process known as path MTU discovery to determine the right packet size for a connection. This process sends packets of varying sizes with the \"Do not fragment\" flag set, expecting an ICMP return packet of \"type 3, code 4\" when the upper limit has been reached. Type 3 means \"destination unreachable\", and code 4 is short for \"fragmentation needed, but the do-not-fragment flag is set\". To allow path MTU discovery in order to support connections to other MTUs, add the `destination unreachable` type to the `icmp_types` macro:" ], "previous_source": "", "target": [ "" ], "id_hash": -9184218911623032198, "content_hash": -9184218911623032198, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:636", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 169, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 90, "source_unit": "https://translate-dev.freebsd.org/api/units/1219782/?format=api", "priority": 100, "id": 1738569, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=008b198f5948d27a", "url": "https://translate-dev.freebsd.org/api/units/1738569/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.041978Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "icmp_types = \"{ echoreq, unreach }\"\n" ], "previous_source": "", "target": [ "" ], "id_hash": -4231372537914952561, "content_hash": -4231372537914952561, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:640", "context": "", "note": "type: delimited block . 4", "flags": "no-wrap", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 170, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 6, "source_unit": "https://translate-dev.freebsd.org/api/units/358263/?format=api", "priority": 100, "id": 1738570, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=45472518753c748f", "url": "https://translate-dev.freebsd.org/api/units/1738570/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.042721Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "Since the pass rule already uses that macro, it does not need to be modified to support the new ICMP type:" ], "previous_source": "", "target": [ "" ], "id_hash": -2123380827787273984, "content_hash": -2123380827787273984, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:643", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 171, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 21, "source_unit": "https://translate-dev.freebsd.org/api/units/358265/?format=api", "priority": 100, "id": 1738571, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=62883c6324dd5900", "url": "https://translate-dev.freebsd.org/api/units/1738571/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.043330Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "PF allows filtering on all variations of ICMP types and codes. The list of possible types and codes are documented in man:icmp[4] and man:icmp6[4]." ], "previous_source": "", "target": [ "" ], "id_hash": -3589721527290687970, "content_hash": -3589721527290687970, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:651", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 172, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 24, "source_unit": "https://translate-dev.freebsd.org/api/units/1219784/?format=api", "priority": 100, "id": 1738572, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=4e2ebf4a43440e1e", "url": "https://translate-dev.freebsd.org/api/units/1738572/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.043929Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "Using Tables" ], "previous_source": "", "target": [ "" ], "id_hash": -5677509333904551234, "content_hash": -5677509333904551234, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:653", "context": "", "note": "type: Title ====", "flags": "no-wrap", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 173, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 2, "source_unit": "https://translate-dev.freebsd.org/api/units/358269/?format=api", "priority": 100, "id": 1738573, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=31356f576fa792be", "url": "https://translate-dev.freebsd.org/api/units/1738573/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.044533Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "Some types of data are relevant to filtering and redirection at a given time, but their definition is too long to be included in the ruleset file. PF supports the use of tables, which are defined lists that can be manipulated without needing to reload the entire ruleset, and which can provide fast lookups. Table names are always enclosed within `< >`, like this:" ], "previous_source": "", "target": [ "" ], "id_hash": -261446461264052751, "content_hash": -261446461264052751, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:658", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 174, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 64, "source_unit": "https://translate-dev.freebsd.org/api/units/1219786/?format=api", "priority": 100, "id": 1738574, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=7c5f27d42492bdf1", "url": "https://translate-dev.freebsd.org/api/units/1738574/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.045147Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "table <clients> { 192.168.2.0/24, !192.168.2.5 }\n" ], "previous_source": "", "target": [ "" ], "id_hash": -3353389522637778253, "content_hash": -3353389522637778253, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:662", "context": "", "note": "type: delimited block . 4", "flags": "no-wrap", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 175, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 6, "source_unit": "https://translate-dev.freebsd.org/api/units/358273/?format=api", "priority": 100, "id": 1738575, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=51765dff05a892b3", "url": "https://translate-dev.freebsd.org/api/units/1738575/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.045794Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "In this example, the `192.168.2.0/24` network is part of the table, except for the address `192.168.2.5`, which is excluded using the `!` operator. It is also possible to load tables from files where each item is on a separate line, as seen in this example [.filename]#/etc/clients#:" ], "previous_source": "", "target": [ "" ], "id_hash": -9187928103890632823, "content_hash": -9187928103890632823, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:666", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 176, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 46, "source_unit": "https://translate-dev.freebsd.org/api/units/1219788/?format=api", "priority": 100, "id": 1738576, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=007dec11b9c53f89", "url": "https://translate-dev.freebsd.org/api/units/1738576/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.046393Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "192.168.2.0/24\n!192.168.2.5\n" ], "previous_source": "", "target": [ "" ], "id_hash": 7064608173898037567, "content_hash": 7064608173898037567, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:671", "context": "", "note": "type: delimited block . 4", "flags": "no-wrap", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 177, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 2, "source_unit": "https://translate-dev.freebsd.org/api/units/358277/?format=api", "priority": 100, "id": 1738577, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=e20a87b44a83793f", "url": "https://translate-dev.freebsd.org/api/units/1738577/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.047092Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "To refer to the file, define the table like this:" ], "previous_source": "", "target": [ "" ], "id_hash": 6549600482018545007, "content_hash": 6549600482018545007, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:674", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 178, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 10, "source_unit": "https://translate-dev.freebsd.org/api/units/358279/?format=api", "priority": 100, "id": 1738578, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=dae4daefe7714d6f", "url": "https://translate-dev.freebsd.org/api/units/1738578/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.047686Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "table <clients> persist file \"/etc/clients\"\n" ], "previous_source": "", "target": [ "" ], "id_hash": 7470113087566118468, "content_hash": 7470113087566118468, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:678", "context": "", "note": "type: delimited block . 4", "flags": "no-wrap", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 179, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 5, "source_unit": "https://translate-dev.freebsd.org/api/units/358281/?format=api", "priority": 100, "id": 1738579, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=e7ab2c46585ffe44", "url": "https://translate-dev.freebsd.org/api/units/1738579/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.048305Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "Once the table is defined, it can be referenced by a rule:" ], "previous_source": "", "target": [ "" ], "id_hash": 752373458682279705, "content_hash": 752373458682279705, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:681", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 180, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 12, "source_unit": "https://translate-dev.freebsd.org/api/units/358283/?format=api", "priority": 100, "id": 1738580, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=8a70f7aca7307719", "url": "https://translate-dev.freebsd.org/api/units/1738580/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.048907Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "pass inet proto tcp from <clients> to any port $client_out flags S/SA keep state\n" ], "previous_source": "", "target": [ "" ], "id_hash": -5625167174436393275, "content_hash": -5625167174436393275, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:685", "context": "", "note": "type: delimited block . 4", "flags": "no-wrap", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 181, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 14, "source_unit": "https://translate-dev.freebsd.org/api/units/358285/?format=api", "priority": 100, "id": 1738581, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=31ef64421d87eec5", "url": "https://translate-dev.freebsd.org/api/units/1738581/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.049526Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "A table's contents can be manipulated live, using `pfctl`. This example adds another network to the table:" ], "previous_source": "", "target": [ "" ], "id_hash": 1340926255982973068, "content_hash": 1340926255982973068, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:689", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 182, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 17, "source_unit": "https://translate-dev.freebsd.org/api/units/1219790/?format=api", "priority": 100, "id": 1738582, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=929bed5345dc108c", "url": "https://translate-dev.freebsd.org/api/units/1738582/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.050125Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "# pfctl -t clients -T add 192.168.1.0/16\n" ], "previous_source": "", "target": [ "" ], "id_hash": -7642470664947269366, "content_hash": -7642470664947269366, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:693", "context": "", "note": "type: delimited block . 4", "flags": "no-wrap", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 183, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 7, "source_unit": "https://translate-dev.freebsd.org/api/units/358289/?format=api", "priority": 100, "id": 1738583, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=15f07d6bf979810a", "url": "https://translate-dev.freebsd.org/api/units/1738583/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.050767Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "Note that any changes made this way will take affect now, making them ideal for testing, but will not survive a power failure or reboot. To make the changes permanent, modify the definition of the table in the ruleset or edit the file that the table refers to. One can maintain the on-disk copy of the table using a man:cron[8] job which dumps the table's contents to disk at regular intervals, using a command such as `pfctl -t clients -T show >/etc/clients`. Alternatively, [.filename]#/etc/clients# can be updated with the in-memory table contents:" ], "previous_source": "", "target": [ "" ], "id_hash": -8014146108339618480, "content_hash": -8014146108339618480, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:699", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 184, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 92, "source_unit": "https://translate-dev.freebsd.org/api/units/1219792/?format=api", "priority": 100, "id": 1738584, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=10c8089342567d50", "url": "https://translate-dev.freebsd.org/api/units/1738584/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.051377Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "# pfctl -t clients -T replace -f /etc/clients\n" ], "previous_source": "", "target": [ "" ], "id_hash": -2450112177290021734, "content_hash": -2450112177290021734, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:703", "context": "", "note": "type: delimited block . 4", "flags": "no-wrap", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 185, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 8, "source_unit": "https://translate-dev.freebsd.org/api/units/358293/?format=api", "priority": 100, "id": 1738585, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=5dff73f4bcc4f49a", "url": "https://translate-dev.freebsd.org/api/units/1738585/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.052053Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "Using Overload Tables to Protect SSH" ], "previous_source": "", "target": [ "" ], "id_hash": 1264445203431736482, "content_hash": 1264445203431736482, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:706", "context": "", "note": "type: Title ====", "flags": "no-wrap", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 186, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 6, "source_unit": "https://translate-dev.freebsd.org/api/units/358295/?format=api", "priority": 100, "id": 1738586, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=918c3636947ec4a2", "url": "https://translate-dev.freebsd.org/api/units/1738586/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.052668Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "Those who run SSH on an external interface have probably seen something like this in the authentication logs:" ], "previous_source": "", "target": [ "" ], "id_hash": 6937917734555389266, "content_hash": 6937917734555389266, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:709", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 187, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 18, "source_unit": "https://translate-dev.freebsd.org/api/units/358297/?format=api", "priority": 100, "id": 1738587, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=e0486f6bc10e8d52", "url": "https://translate-dev.freebsd.org/api/units/1738587/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.053270Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "Sep 26 03:12:34 skapet sshd[25771]: Failed password for root from 200.72.41.31 port 40992 ssh2\nSep 26 03:12:34 skapet sshd[5279]: Failed password for root from 200.72.41.31 port 40992 ssh2\nSep 26 03:12:35 skapet sshd[5279]: Received disconnect from 200.72.41.31: 11: Bye Bye\nSep 26 03:12:44 skapet sshd[29635]: Invalid user admin from 200.72.41.31\nSep 26 03:12:44 skapet sshd[24703]: input_userauth_request: invalid user admin\nSep 26 03:12:44 skapet sshd[24703]: Failed password for invalid user admin from 200.72.41.31 port 41484 ssh2\n" ], "previous_source": "", "target": [ "" ], "id_hash": 7541431045713435743, "content_hash": 7541431045713435743, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:718", "context": "", "note": "type: delimited block . 4", "flags": "no-wrap", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 188, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 75, "source_unit": "https://translate-dev.freebsd.org/api/units/358299/?format=api", "priority": 100, "id": 1738588, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=e8a88b9471da1c5f", "url": "https://translate-dev.freebsd.org/api/units/1738588/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.053904Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "This is indicative of a brute force attack where somebody or some program is trying to discover the user name and password which will let them into the system." ], "previous_source": "", "target": [ "" ], "id_hash": 7912377835381935917, "content_hash": 7912377835381935917, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:721", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 189, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 29, "source_unit": "https://translate-dev.freebsd.org/api/units/358301/?format=api", "priority": 100, "id": 1738589, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=edce69b83e9d4f2d", "url": "https://translate-dev.freebsd.org/api/units/1738589/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.054585Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "If external SSH access is needed for legitimate users, changing the default port used by SSH can offer some protection. However, PF provides a more elegant solution. Pass rules can contain limits on what connecting hosts can do and violators can be banished to a table of addresses which are denied some or all access. It is even possible to drop all existing connections from machines which overreach the limits." ], "previous_source": "", "target": [ "" ], "id_hash": -955102587114324231, "content_hash": -955102587114324231, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:726", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 190, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 70, "source_unit": "https://translate-dev.freebsd.org/api/units/1219794/?format=api", "priority": 100, "id": 1738590, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=72becb41e2fe7ef9", "url": "https://translate-dev.freebsd.org/api/units/1738590/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.055222Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "To configure this, create this table in the tables section of the ruleset:" ], "previous_source": "", "target": [ "" ], "id_hash": -2674472719074565976, "content_hash": -2674472719074565976, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:728", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 191, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 13, "source_unit": "https://translate-dev.freebsd.org/api/units/358305/?format=api", "priority": 100, "id": 1738591, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=5ae25d3b621660a8", "url": "https://translate-dev.freebsd.org/api/units/1738591/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.055883Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "table <bruteforce> persist\n" ], "previous_source": "", "target": [ "" ], "id_hash": 4860391456413897990, "content_hash": 4860391456413897990, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:732", "context": "", "note": "type: delimited block . 4", "flags": "no-wrap", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 192, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 3, "source_unit": "https://translate-dev.freebsd.org/api/units/358307/?format=api", "priority": 100, "id": 1738592, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=c373944734e4d506", "url": "https://translate-dev.freebsd.org/api/units/1738592/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.056513Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "Then, somewhere early in the ruleset, add rules to block brute access while allowing legitimate access:" ], "previous_source": "", "target": [ "" ], "id_hash": 8879083605959337692, "content_hash": 8879083605959337692, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:735", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 193, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 16, "source_unit": "https://translate-dev.freebsd.org/api/units/358309/?format=api", "priority": 100, "id": 1738593, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=fb38d77f083366dc", "url": "https://translate-dev.freebsd.org/api/units/1738593/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.057118Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "block quick from <bruteforce>\npass inet proto tcp from any to $localnet port $tcp_services \\\n flags S/SA keep state \\\n (max-src-conn 100, max-src-conn-rate 15/5, \\\n overload <bruteforce> flush global)\n" ], "previous_source": "", "target": [ "" ], "id_hash": -6390997732988102109, "content_hash": -6390997732988102109, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:743", "context": "", "note": "type: delimited block . 4", "flags": "no-wrap", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 194, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 29, "source_unit": "https://translate-dev.freebsd.org/api/units/358311/?format=api", "priority": 100, "id": 1738594, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=274e9d6c3ceada23", "url": "https://translate-dev.freebsd.org/api/units/1738594/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.057783Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "The part in parentheses defines the limits and the numbers should be changed to meet local requirements. It can be read as follows:" ], "previous_source": "", "target": [ "" ], "id_hash": -591212052488793393, "content_hash": -591212052488793393, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:747", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 195, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 23, "source_unit": "https://translate-dev.freebsd.org/api/units/1219796/?format=api", "priority": 100, "id": 1738595, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=77cb97c54879d2cf", "url": "https://translate-dev.freebsd.org/api/units/1738595/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.058421Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "`max-src-conn` is the number of simultaneous connections allowed from one host." ], "previous_source": "", "target": [ "" ], "id_hash": 1731462434876379123, "content_hash": 1731462434876379123, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:749", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 196, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 11, "source_unit": "https://translate-dev.freebsd.org/api/units/358315/?format=api", "priority": 100, "id": 1738596, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=980763e92cbd4ff3", "url": "https://translate-dev.freebsd.org/api/units/1738596/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.059031Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "`max-src-conn-rate` is the rate of new connections allowed from any single host (_15_) per number of seconds (_5_)." ], "previous_source": "", "target": [ "" ], "id_hash": 9151894666426872948, "content_hash": 9151894666426872948, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:751", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 197, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 18, "source_unit": "https://translate-dev.freebsd.org/api/units/358317/?format=api", "priority": 100, "id": 1738597, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=ff020fb5d62a7474", "url": "https://translate-dev.freebsd.org/api/units/1738597/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.059622Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "`overload <bruteforce>` means that any host which exceeds these limits gets its address added to the `bruteforce` table. The ruleset blocks all traffic from addresses in the `bruteforce` table." ], "previous_source": "", "target": [ "" ], "id_hash": 7132368791683431105, "content_hash": 7132368791683431105, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:754", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 198, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 29, "source_unit": "https://translate-dev.freebsd.org/api/units/1219798/?format=api", "priority": 100, "id": 1738598, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=e2fb43a08b5f7ac1", "url": "https://translate-dev.freebsd.org/api/units/1738598/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.060217Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "Finally, `flush global` says that when a host reaches the limit, that all (`global`) of that host's connections will be terminated (`flush`)." ], "previous_source": "", "target": [ "" ], "id_hash": 1993712870228889859, "content_hash": 1993712870228889859, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:756", "context": "", "note": "type: Plain text", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 199, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 22, "source_unit": "https://translate-dev.freebsd.org/api/units/358321/?format=api", "priority": 100, "id": 1738599, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=9bab174ad61e1103", "url": "https://translate-dev.freebsd.org/api/units/1738599/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.060840Z" }, { "translation": "https://translate-dev.freebsd.org/api/translations/documentation/bookshandbookfirewalls_index/fr/?format=api", "source": [ "These rules will _not_ block slow bruteforcers, as described in http://home.nuug.no/\\~peter/hailmary2013/[http://home.nuug.no/~peter/hailmary2013/]." ], "previous_source": "", "target": [ "" ], "id_hash": -6737210426701786616, "content_hash": -6737210426701786616, "location": "documentation/content/en/books/handbook/firewalls/_index.adoc:760", "context": "", "note": "type: delimited block = 4", "flags": "", "labels": [], "state": 0, "fuzzy": false, "translated": false, "approved": false, "position": 200, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 11, "source_unit": "https://translate-dev.freebsd.org/api/units/358323/?format=api", "priority": 100, "id": 1738600, "web_url": "https://translate-dev.freebsd.org/translate/documentation/bookshandbookfirewalls_index/fr/?checksum=22809ecfeb61d208", "url": "https://translate-dev.freebsd.org/api/units/1738600/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2025-01-22T17:57:43.061447Z" } ] }