rc.conf(5): Document the 'workstation' firewall_type

Document the workstation ACL ruleset, which uses stateful rules. While here, add a note about where some of the undocumented variables can be found. This is not a perfect solution for bug 127359, but it at at least gives a place to go look, and can be used as a reference for when bug 127359 gets fixed properly. PR: 254358, 127359
2021-03-18 18:01:09 +01:00 · 2021-03-18 18:01:09 +01:00 · c39dda8192
commit c39dda8192
parent 4a847a6ccd
1 changed files with 7 additions and 1 deletions
--- a/share/man/man5/rc.conf.5
+++ b/share/man/man5/rc.conf.5
@ -539,7 +539,7 @@ Valid selections from
 .Pa /etc/rc.firewall
 are:
 .Pp
-.Bl -tag -width ".Li simple" -compact
+.Bl -tag -width ".Li workstation" -compact
 .It Li open
 unrestricted IP access
 .It Li closed
@ -547,12 +547,18 @@ all IP services disabled, except via
 .Dq Li lo0
 .It Li client
 basic protection for a workstation
+.It Li workstation
+basic protection for a workstation using stateful firewalling
 .It Li simple
 basic protection for a LAN.
 .El
 .Pp
 If a filename is specified, the full path
 must be given.
+.Pp
+Most of the predefined rulesets define additional configuration variables.
+These are documented in
+.Pa /etc/rc.firewall .
 .It Va firewall_quiet
 .Pq Vt bool
 Set to