Typo in FAQ example (faq/pf/example1.html)

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Typo in FAQ example (faq/pf/example1.html)

Nils Frohberg
The FAQ explains how to set up dnscrypt-proxy (from ports) in
conjunction with unbound and pf in order to prevent information
leakage. The sample pf rule is currently broken, since the "log"
and "in" keywords are switched.

Index: faq/pf/example1.html
===================================================================
RCS file: /cvs/www/faq/pf/example1.html,v
retrieving revision 1.67
diff -u -r1.67 example1.html
--- faq/pf/example1.html 24 Jan 2016 18:47:17 -0000 1.67
+++ faq/pf/example1.html 3 Feb 2016 11:46:35 -0000
@@ -366,7 +366,7 @@
 <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf.conf">pf.conf(5)</a>
 rule may be used as an additional safety belt:
 <blockquote><pre>
-block return log in on $int_if inet proto { tcp udp } from any to ! 192.168.1.1 port 53
+block return in log on $int_if inet proto { tcp udp } from any to ! 192.168.1.1 port 53
 </pre></blockquote>
 <p>
 As configured in a previous section, our DHCP server will give users a default

Reply | Threaded
Open this post in threaded view
|

Re: Typo in FAQ example (faq/pf/example1.html)

Stuart Henderson-6
On 2016/02/03 15:03, Nils Frohberg wrote:
> The FAQ explains how to set up dnscrypt-proxy (from ports) in

BTW if you are using dnscrypt-proxy please note I have just committed a
security fix to ports.

(and my objection which tj already knows about still stands ;)