From jpaetzel@tcbug.org  Thu Jun  7 19:03:57 2007
Return-Path: <jpaetzel@tcbug.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 8BC3816A46C
	for <FreeBSD-gnats-submit@freebsd.org>; Thu,  7 Jun 2007 19:03:57 +0000 (UTC)
	(envelope-from jpaetzel@tcbug.org)
Received: from cenn-smtp.mc.mpls.visi.com (cenn.mc.mpls.visi.com [208.42.156.9])
	by mx1.freebsd.org (Postfix) with ESMTP id 685D913C46A
	for <FreeBSD-gnats-submit@freebsd.org>; Thu,  7 Jun 2007 19:03:57 +0000 (UTC)
	(envelope-from jpaetzel@tcbug.org)
Received: from mail.tcbug.org (mail.tcbug.org [208.42.70.163])
	by cenn-smtp.mc.mpls.visi.com (Postfix) with ESMTP id 4C5CF834E
	for <FreeBSD-gnats-submit@freebsd.org>; Thu,  7 Jun 2007 13:45:40 -0500 (CDT)
Received: by mail.tcbug.org (Postfix, from userid 1001)
	id E9033341C10; Thu,  7 Jun 2007 13:47:09 -0500 (CDT)
Message-Id: <20070607184709.E9033341C10@mail.tcbug.org>
Date: Thu,  7 Jun 2007 13:47:09 -0500 (CDT)
From: Josh Paetzel <josh@tcbug.org>
Reply-To: Josh Paetzel <josh@tcbug.org>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: Error regarding IPF and ALTQ in handbook
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         113464
>Category:       docs
>Synopsis:       Error regarding IPF and ALTQ in handbook
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-doc
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          doc-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jun 07 19:10:14 GMT 2007
>Closed-Date:    Thu Jan 17 13:38:41 UTC 2008
>Last-Modified:  Thu Jan 17 13:40:02 UTC 2008
>Originator:     Josh Paetzel
>Release:        FreeBSD 6.2-IXSYSTEMS-p3 amd64
>Organization:
>Environment:
System: FreeBSD mail.tcbug.org 6.2-IXSYSTEMS-p3 FreeBSD 6.2-IXSYSTEMS-p3 #0: Thu Apr 5 08:22:54 UTC 2007 root@build.tcbug.org:/usr/obj/usr/src/sys/SMP amd64


>Description:
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-apps.html
states that:
Dummynet has traditionally been closely tied with IPFW, and ALTQ with IPF/PF.
Which is incorrect.  IPF has no ALTQ support in FreeBSD (if at all)
>How-To-Repeat:
Browse to http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-apps.html
>Fix:
Remove the IPF/ from IPF/PF (sorry I don't have time to grab the www
repo and submit the patch that fixes this)
>Release-Note:
>Audit-Trail:

From: Marc Silver <marcs@draenor.org>
To: bug-followup@FreeBSD.org, josh@tcbug.org
Cc:  
Subject: Re: docs/113464: Error regarding IPF and ALTQ in handbook
Date: Thu, 10 Jan 2008 09:46:38 +0200

 --HcAYCG3uE/tztfnV
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: inline
 
 Hi there,
 
 I've done a bit of research into this and from what I can see, there is
 no direct support for ALTQ in IPFILTER itself.  However, everything I
 could find suggests that ALTQ/PF or DUMMYNET/IPFW can be used in
 conjunction with IPFILTER, provided that one is dedicated to traffic
 shaping and the other to filtering and NAT.
 
 To that end I've mangled the firewall chapter to update the information
 surrounding this particular issue.  
 
 Hope this helps,
 Cheers,
 Marc
 
 --HcAYCG3uE/tztfnV
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: attachment; filename="firewall-chapter.sgml.patch"
 
 --- chapter.sgml.orig	2008-01-10 08:46:33.000000000 +0200
 +++ chapter.sgml	2008-01-10 09:35:19.000000000 +0200
 @@ -151,12 +151,16 @@
        <acronym>PF</acronym>).  &os; also has two built in packages for
        traffic shaping (basically controlling bandwidth usage):
        &man.altq.4; and &man.dummynet.4;.  Dummynet has traditionally been
 -      closely tied with <acronym>IPFW</acronym>, and
 -      <acronym>ALTQ</acronym> with
 -      <acronym>IPF</acronym>/<acronym>PF</acronym>.  IPF,
 -      IPFW, and PF all use rules to control the access of packets to and
 -      from your system, although they go about it different ways and
 -      have different rule syntaxes.</para>
 +      closely tied with <acronym>IPFW</acronym>, while
 +      <acronym>ALTQ</acronym> may be used with <acronym>PF</acronym>.  
 +      Traffic shaping can currently be achieved with 
 +      <acronym>IPFILTER</acronym> by using <acronym>IPFILTER</acronym> 
 +      for filtering and NAT in conjunction with <acronym>IPFW</acronym> 
 +      and dummynet <emphasis>or</emphasis> <acronym>PF</acronym> with 
 +      <acronym>ALTQ</acronym> for traffic shaping.  IPF IPFW, and PF all 
 +      use rules to control the access of packets to and from your system, 
 +      although they go about it different ways and have different rule 
 +      syntaxes.</para>
  
      <para>The reason that &os; has multiple built in firewall packages
        is that different people have different requirements and
 
 --HcAYCG3uE/tztfnV--
State-Changed-From-To: open->closed 
State-Changed-By: remko 
State-Changed-When: Thu Jan 17 13:38:40 UTC 2008 
State-Changed-Why:  
Committed. Thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=113464 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: docs/113464: commit references a PR
Date: Thu, 17 Jan 2008 13:38:35 +0000 (UTC)

 remko       2008-01-17 13:38:31 UTC
 
   FreeBSD doc repository
 
   Modified files:
     en_US.ISO8859-1/books/handbook/firewalls chapter.sgml 
   Log:
   IPF does not have ALTQ support (or at least not that I and several others
   could find) so remove it from the information, give an example on how
   such a setup can be achieved.
   
   PR:             docs/113464
   Submitted by:   Josh Paetzel <josh at tcbug dot org>
   Inspired by:    Marc Silver <marcs at draenor dot org> (slightly rewritten
                   by me).
   
   Revision  Changes    Path
   1.79      +5 -1      doc/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 
>Unformatted:
