Bug#1038597: tcpspy.rules.5: some remarks and editing fixes for the manual
Package: tcpspy
Version: 1.7d-15
Severity: minor
Tags: patch
Dear Maintainer,
here are some editing fixes of the man page with remarks.
Input file is tcpspy.rules.5
Output from "mandoc -T lint tcpspy.rules.5":
mandoc: tcpspy.rules.5:36:2: WARNING: skipping paragraph macro: PP after SH
mandoc: tcpspy.rules.5:40:24: STYLE: whitespace at end of input line
mandoc: tcpspy.rules.5:69:2: WARNING: skipping paragraph macro: PP empty
mandoc: tcpspy.rules.5:70:2: WARNING: skipping paragraph macro: PP empty
mandoc: tcpspy.rules.5:124:81: STYLE: input text line longer than 80 bytes: a default mask with ...
mandoc: tcpspy.rules.5:135:71: STYLE: whitespace at end of input line
mandoc: tcpspy.rules.5:142:73: STYLE: whitespace at end of input line
mandoc: tcpspy.rules.5:177:2: WARNING: skipping paragraph macro: PP empty
#######
Remove space characters at the end of lines.
Use "git apply ... --whitespace=fix" to fix extra space issues, or use
global configuration "core.whitespace".
40:.IR /etc/init.d/tcpspy
135:True if the full filename (including directory) of the executable that
142:The pattern "" (an empty string) matches connections created/accepted by
#####
Reduce space between words.
150:Expressions (including the comparisons listed above) may be joined together
196:Pablo Lorenzzoni (this manpage) and Mats Erik Andersson (changes for IPv6)
#####
Use the correct macro for the font change of a single argument or
split the argument into two.
40:.IR /etc/init.d/tcpspy
83:.BI ip
86:.BI ip6
#####
Change a HYPHEN-MINUS (code 0x55, 2D) to a minus (\-), if in front of a
name for an option.
103:.I -high
146:.B -p
#####
Wrong distance between sentences.
Separate the sentences and subordinate clauses; each begins on a new
line. See man-pages(7) ("Conventions for source file layout") and
"info groff" ("Input Conventions").
The best procedure is to always start a new sentence on a new line,
at least, if you are typing on a computer.
Remember coding: Only one command ("sentence") on each (logical) line.
E-mail: Easier to quote exactly the relevant lines.
Generally: Easier to edit the sentence.
Patches: Less unaffected text.
The amount of space between sentences in the output can then be
controlled with the ".ss" request.
104:is used, low is assumed to be 0. It is an error to omit both
123:AND of the local address of the connection and "mask". If no mask is specified,
124:a default mask with all bits set (255.255.255.255) is used. The CIDR type netmask
125:is also possible. With IPv6 only a prefix length netmask is allowed, and the
126:length defaults to 128. Depending on the address family, these rules contain
172:Rules are evaluated from left to right. Whitespace (space, tab and newline)
173:characters are ignored between "words". Rules consisting of only whitespace
195:Tim J. Robbins (tcpspy),
#####
Use \(en for a dash (en-dash) between space characters, not a minus
(\-) or a hyphen (-), except in the NAME section.
tcpspy.rules.5:55:to 4 rules (line 1 to line 4 - one per each line) using the boolean
tcpspy.rules.5:60:line 1 - for user "joedoe" connecting to 192.168.1.10:22 (remote)
tcpspy.rules.5:62:line 2 - for user whose UID is 1003
tcpspy.rules.5:64:line 3 - to *:22 or *:21 (both locally)
tcpspy.rules.5:66:line 4 - for user "joedoe" to *:23 (local) or to 192.168.1.20 (remote)
tcpspy.rules.5:71:.SS "Rule Syntax - just extracted from tcpspy(8)"
tcpspy.rules.5:93:.BI lport " [low] - [high]"
#####
The name of a man page is set in bold type and the section in roman (see
man-pages(7)).
42:tcpspy (see tcpspy(8)) logger filtering rules.
#####
Protect a period (.) or a apostrophe (') with '\&' from becoming a
control character, if it could end up at the start of a line (by
splitting the line into more lines).
175:Parentheses, '(' and ')' may be placed around expressions to affect the order
#####
--- tcpspy.rules.5 2023-06-18 02:25:13.000000000 +0000
+++ tcpspy.rules.5.new 2023-06-18 17:42:52.000000000 +0000
@@ -33,13 +33,15 @@
.SH NAME
tcpspy.rules \- configuration file for tcpspy
.SH DESCRIPTION
-.LP
This file, by default
.IR /etc/tcpspy.rules ,
is read by the
-.IR /etc/init.d/tcpspy
+.I /etc/init.d/tcpspy
script at init time in order to configure
-tcpspy (see tcpspy(8)) logger filtering rules.
+tcpspy
+(see
+.BR tcpspy (8))
+logger filtering rules.
.LP
It might look like:
.IP
@@ -52,23 +54,21 @@ lport 22 or lport 21
.fi
.LP
This rules file specifies that tcpspy logs tcp connections according
-to 4 rules (line 1 to line 4 - one per each line) using the boolean
+to 4 rules (line 1 to line 4 \(en one per each line) using the boolean
logic (see below) to evaluate each rule.
.LP
This particular example logs connections:
.TP
-line 1 - for user "joedoe" connecting to 192.168.1.10:22 (remote)
+line 1 \(en for user "joedoe" connecting to 192.168.1.10:22 (remote)
.TP
-line 2 - for user whose UID is 1003
+line 2 \(en for user whose UID is 1003
.TP
-line 3 - to *:22 or *:21 (both locally)
+line 3 \(en to *:22 or *:21 (both locally)
.TP
-line 4 - for user "joedoe" to *:23 (local) or to 192.168.1.20 (remote)
+line 4 \(en for user "joedoe" to *:23 (local) or to 192.168.1.20 (remote)
.LP
Everything from an "#" signal and the end of the line will not be evaluated.
-.LP
-.PP
-.SS "Rule Syntax - just extracted from tcpspy(8)"
+.SS "Rule Syntax \(en just extracted from tcpspy(8)"
A rule may be specified with the following comparison operators:
.TP
.BI user " uid"
@@ -80,28 +80,29 @@ user id
.BI user " \N'34'username\N'34'"
Same as above, but using a username instead of a user id.
.TP
-.BI ip
+.B ip
True if the connection is IPv4.
.TP
-.BI ip6
+.B ip6
True if the connection is IPv6.
.TP
.BI lport " port"
True if the local end of the connection has port number
.IR port .
.TP
-.BI lport " [low] - [high]"
+.BI lport "\fR [\fPlow\fR]\fP\(en\fR[\fPhigh\fR]"
True if the local end of the connection has a port number
greater than or equal to
.I low
and less than or equal to
.IR high .
If the form
-.I low-
+.I low\-
is used, high is assumed to be 65535.
If the form
-.I -high
-is used, low is assumed to be 0. It is an error to omit both
+.I \-high
+is used, low is assumed to be 0.
+It is an error to omit both
.IR low " and " high .
.TP
.BI lport " \N'34'service\N'34'"
@@ -114,17 +115,20 @@ Same as
.B lport
but compares the port number of the remote end of the connection.
.TP
-.BI laddr " n.n.n.n[/m.m.m.m]"
+.BI laddr " n.n.n.n" "\fR[" /m.m.m.m\fR]
.TP
.BI laddr " n.n.n.n/m"
.TP
-.BI laddr " ip6-addr[/m]"
+.BI laddr " ip6-addr" \fR[ /m \fR]
Interpreted as a "net/mask" expression; true if "net" is equal to the bitwise
-AND of the local address of the connection and "mask". If no mask is specified,
-a default mask with all bits set (255.255.255.255) is used. The CIDR type netmask
-is also possible. With IPv6 only a prefix length netmask is allowed, and the
-length defaults to 128. Depending on the address family, these rules contain
-an implicit match condition "ip" or "ip6", respectively.
+AND of the local address of the connection and "mask".
+If no mask is specified,
+a default mask with all bits set (255.255.255.255) is used.
+The CIDR type netmask is also possible.
+With IPv6 only a prefix length netmask is allowed,
+and the length defaults to 128.
+Depending on the address family,
+these rules contain an implicit match condition "ip" or "ip6", respectively.
.TP
.B raddr
Same as
@@ -132,22 +136,22 @@ Same as
but compares the remote address.
.TP
.BI exe " \N'34'pattern\N'34'"
-True if the full filename (including directory) of the executable that
+True if the full filename (including directory) of the executable that
created/accepted the connection matches
.IR pattern ,
a
.BR glob (7)-style
wildcard pattern.
.IP
-The pattern "" (an empty string) matches connections created/accepted by
+The pattern "" (an empty string) matches connections created/accepted by
processes whose executable filename is unknown.
.IP
If the
-.B -p
+.B \-p
option is not specified, a warning message will be printed, and the result of
this comparison will always be true.
.PP
-Expressions (including the comparisons listed above) may be joined together
+Expressions (including the comparisons listed above) may be joined together
with the following logical operations:
.TP
.IB expr1 " or " expr2
@@ -169,12 +173,14 @@ True if
.I expr
is false (logical NOT).
.PP
-Rules are evaluated from left to right. Whitespace (space, tab and newline)
-characters are ignored between "words". Rules consisting of only whitespace
-match no connections, but do not cause an error.
-Parentheses, '(' and ')' may be placed around expressions to affect the order
+Rules are evaluated from left to right.
+Whitespace (space, tab and newline)
+characters are ignored between "words".
+Rules consisting of only whitespace match no connections,
+but do not cause an error.
+Parentheses,
+\&'(' and \&')' may be placed around expressions to affect the order
of evaluation.
-.PP
.SS "Examples"
.TP
These are some sample rules which further demonstrate how they are constructed:
@@ -192,8 +198,8 @@ Log connections made by users "bob" and
not on a fictional "intranet".
.SH AUTHOR
-Tim J. Robbins (tcpspy),
-Pablo Lorenzzoni (this manpage) and Mats Erik Andersson (changes for IPv6)
+Tim J.\& Robbins (tcpspy),
+Pablo Lorenzzoni (this manpage) and Mats Erik Andersson (changes for IPv6)
.SH SEE ALSO
.BR glob (7),
-- System Information:
Debian Release: trixie/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 6.1.27-1 (SMP w/2 CPU threads; PREEMPT)
Kernel taint flags: TAINT_WARN
Locale: LANG=is_IS.iso88591, LC_CTYPE=is_IS.iso88591 (charmap=ISO-8859-1), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages tcpspy depends on:
ii libc6 2.36-9
ii lsb-base 11.6
ii sysvinit-utils [lsb-base] 3.06-4
tcpspy recommends no packages.
tcpspy suggests no packages.
-- no debconf information
Reply to: