Source string Read only

(itstool) path: note/programlisting
44/440
Context English State
<link xlink:href="@@URL_RELPREFIX@@/doc/en_US.ISO8859-1/books/handbook/firewalls-ipfw.html">IPFW</link>
<application>PF</application> is developed by the OpenBSD project and ported to FreeBSD. <application>PF</application> was created as a replacement for <application>IPFILTER</application> and its syntax is similar to that of <application>IPFILTER</application>. <application>PF</application> can be paired with <citerefentry><refentrytitle>altq</refentrytitle><manvolnum>4</manvolnum></citerefentry> to provide <acronym>QoS</acronym> features.
This sample <application>PF</application> entry allows inbound <application>SSH</application>:
pass in on $ext_if inet proto tcp from any to ($ext_if) port 22
<application>IPFILTER</application> is the firewall application developed by Darren Reed. It is not specific to FreeBSD and has been ported to several operating systems including NetBSD, OpenBSD, SunOS, HP/UX, and Solaris.
The <application>IPFILTER</application> syntax to allow inbound <application>SSH</application> is:
pass in on $ext_if proto tcp from any to any port = 22
<application>IPFW</application> is the firewall developed and maintained by FreeBSD. It can be paired with <citerefentry><refentrytitle>dummynet</refentrytitle><manvolnum>4</manvolnum></citerefentry> to provide traffic shaping capabilities and simulate different types of network connections.
The <application>IPFW</application> syntax to allow inbound <application>SSH</application> would be:
ipfw add allow tcp from any to me 22 in via $ext_if
Updating FreeBSD
There are two methods for updating a FreeBSD system: from source or binary updates.
Updating from source is the most involved update method, but offers the greatest amount of flexibility. The process involves synchronizing a local copy of the FreeBSD source code with the FreeBSD <application>Subversion</application> servers. Once the local source code is up-to-date, a new version of the kernel and userland can be compiled.
Binary updates are similar to using <command>yum</command> or <command>apt-get</command> to update a <trademark class="registered">Linux</trademark> system. In FreeBSD, <citerefentry><refentrytitle>freebsd-update</refentrytitle><manvolnum>8</manvolnum></citerefentry> can be used fetch new binary updates and install them. These updates can be scheduled using <citerefentry><refentrytitle>cron</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
When using <citerefentry><refentrytitle>cron</refentrytitle><manvolnum>8</manvolnum></citerefentry> to schedule updates, use <command>freebsd-update cron</command> in the <citerefentry><refentrytitle>crontab</refentrytitle><manvolnum>1</manvolnum></citerefentry> to reduce the possibility of a large number of machines all pulling updates at the same time:
0 3 * * * root /usr/sbin/freebsd-update cron
For more information on source and binary updates, refer to <link xlink:href="@@URL_RELPREFIX@@/doc/en_US.ISO8859-1/books/handbook/updating-upgrading.html">the chapter on updating</link> in the FreeBSD Handbook.
procfs: Gone But Not Forgotten
In some <trademark class="registered">Linux</trademark> distributions, one could look at <filename>/proc/sys/net/ipv4/ip_forward</filename> to determine if <acronym>IP</acronym> forwarding is enabled. In FreeBSD, <citerefentry><refentrytitle>sysctl</refentrytitle><manvolnum>8</manvolnum></citerefentry> is instead used to view this and other system settings.
For example, use the following to determine if <acronym>IP</acronym> forwarding is enabled on a FreeBSD system:
<prompt>%</prompt> <userinput>sysctl net.inet.ip.forwarding</userinput>
net.inet.ip.forwarding: 0
Use <option>-a</option> to list all the system settings:
<prompt>%</prompt> <userinput>sysctl -a | more</userinput>
If an application requires procfs, add the following entry to <filename>/etc/fstab</filename>:
proc /proc procfs rw,noauto 0 0
Including <option>noauto</option> will prevent <filename>/proc</filename> from being automatically mounted at boot.
To mount the file system without rebooting:
<prompt>#</prompt> <userinput>mount /proc</userinput>
Common Commands
Some common command equivalents are as follows:
<trademark class="registered">Linux</trademark> command (Red Hat/Debian)

Loading…

No matching activity found.

Browse all component changes

Things to check

Multiple failing checks

The translations in several languages have failing checks

Reset

Glossary

English English
No related strings found in the glossary.

Source information

Source string comment
(itstool) path: note/programlisting
Flags
no-wrap, read-only
Source string location
article.translate.xml:389
String age
a year ago
Source string age
a year ago
Translation file
articles/linux-users.pot, string 80